tcpdump 抓包 #1
Description
## 流量包捕获工具 Tcpdump
### 捕获特定服务的端口
```bash
tcpdump -c 100 -nn -XX -vvv \
-i ens192 'tcp and ((dst port 9980 and dst host 127.0.0.1) or \
(src port 9980 and src host 127.0.0.1))' \
-w test2.pcap
tcpdump -c 1000 -nn -XX -vvv \
-i lo '(dst port 9980 and dst host 127.0.0.1) \
or (src port 9980 and src host 127.0.0.1)' \
-w test-https-wget.pcap
tcpdump -c 1000 -nn -XX \
-vvv -i ens192 'dst port 57321 or src port 57321' \
-w test-socks5.pcap