Some Common Options for TCPDump #
| Option | Description |
|---|---|
| -i <interface> | Specifies the interface to use |
| -v | Produces output in verbose mode |
| -vv | Produces output in really verbose mode |
| -x | Causes TCPDump to print the packet itself in hexadecimal format |
| -X | Causes TCPDump to also print the output in ASCII |
| -n | Tells TCPDump not to perform DNS lookups for the IP addresses |
| seen during the capture | |
| -F <file> | Reads the expression from <file> |
| -D | Prints available interfaces |
| -s <length> | Sets the length for each packet of the capture to <length> |
Content #
抓取TLS握手阶段的Client Hello报文 抓取TCP RST报文 过滤后转存 只抓取到传输层头部 确定抓包位置(客户端还是服务器) tcptrace frame.time过滤器