使用tcpdump在非默認接口上捕獲
[英]Capturing on a non-default interface with tcpdump
問題描述
如果config是
[root@test2 ~]# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:3045306 errors:0 dropped:0 overruns:0 frame:0
TX packets:3045306 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:969363066 (924.4 MiB) TX bytes:969363066 (924.4 MiB)
p4p1 Link encap:Ethernet HWaddr F0:4D:A2:F7:CE:20
inet addr:192.168.250.58 Bcast:192.168.250.255 Mask:255.255.255.0
inet6 addr: fe80::f24d:a2ff:fef7:ce20/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:222163621 errors:0 dropped:0 overruns:0 frame:0
TX packets:29525032 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:67504475609 (62.8 GiB) TX bytes:13910424527 (12.9 GiB)
virbr0 Link encap:Ethernet HWaddr 52:54:00:3C:38:60
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
當我執行tcpdump時,o / p是
root@test2 ~]# tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on virbr0, link-type EN10MB (Ethernet), capture size 65535 bytes
默認情況下,它在哪里監聽vibra0界面。 我想將p4p1接口設置為默認接口,以便在執行tcpdump時可以獲得適當的o / p。
任何解決方案。
1 個解決方案
解決方案1
1
您無法更改tcpdump的默認界面(除非您破解tcpdump或libpcap的代碼)。
但是,您可以使用-i選項,告訴tcpdump在特定接口上進行捕獲:
tcpdump -i p4p1
以太網嗅探器無法捕獲所有內容,與tcpdump並行運行
[英]Ethernet sniffer not capturing everything, with tcpdump in parallel it does
當 docker0 具有非默認地址時,無法在 docker 容器內訪問 Internet
[英]cannot access Internet inside docker container when docker0 has non-default address
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.