How to use tcpdump to capture packets for a long time in Linux
Source: Internet
Author: User
Command:

    tcpdump -i eth1 -s 0 -w k.cap &

The & added at the end makes the command run in the background so that it can keep capturing for a long time. Otherwise, the tcpdump command stops automatically after the SSH client is closed.

Afterwards, log on to Linux again and perform the following operations:

    -bash-3.00# ps -ef | grep tcpdump
    pcap 3660 1 0 ? 00:00:00 tcpdump -i eth1 -s 0 -w k.cap
    root 3721 3680 0 00:00:00 pts/1 grep tcpdump
    -bash-3.00# kill 3660
    -bash-3.00# ls -l
    -rw-r-- 1 root 33714 Mar 29 k.cap

Then download the capture file to the local device for analysis.

Note: -s 0 indicates that the size of captured packets is not limited.

When using this command, you must keep an eye on the remaining space on the hard disk (df -h), so that an excessively large capture file does not cause the system to misbehave.
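The disk-space warning above can be enforced instead of watched by hand. The following is an added example, not part of the original article: it checks free space before starting, then runs the same capture under nohup with tcpdump's -C/-W ring buffer so the files can never grow past a fixed size. The function names, the output directory and the size values are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): bounded long-term capture.
# Interface, directory, sizes and the reserve value are assumptions.

# Free space, in MiB, on the filesystem that holds directory $1.
free_mb() {
    df -Pk "$1" | awk 'NR==2 { print int($4 / 1024) }'
}

# Worst-case size of the ring in MB: $1 = -C file size, $2 = -W file count.
# tcpdump's -C counts in units of 1,000,000 bytes.
ring_mb() {
    echo $(( $1 * $2 ))
}

# True only if the full ring plus a reserve fits in the free space.
# $1 = free MB, $2 = -C size, $3 = -W count, $4 = reserve MB
ring_fits() {
    [ "$1" -ge $(( $(ring_mb "$2" "$3") + $4 )) ]
}

# Start the capture in the background and print its PID.
# $1 = interface, $2 = output directory, $3 = -C, $4 = -W, $5 = reserve MB
start_capture() {
    avail=$(free_mb "$2") || return 1
    if ! ring_fits "$avail" "$3" "$4" "$5"; then
        echo "refusing to start: $avail MB free, need $(( $3 * $4 + $5 )) MB" >&2
        return 1
    fi
    # -C/-W: rotate after $3 MB, keep at most $4 files, then overwrite the oldest.
    # Builds of tcpdump that drop root (the article's ps output shows the process
    # running as "pcap") need $2 to be writable by that user.
    # nohup ignores the hangup sent when the SSH session ends.
    nohup tcpdump -i "$1" -s 0 -C "$3" -W "$4" -w "$2/k.cap" >/dev/null 2>&1 &
    echo $!
}

# Usage (as root): start_capture eth1 /var/tmp/cap 100 10 1024
```

With -W, tcpdump appends a number to the -w name for each file in the ring, so the capture to download is the set of k.cap files with numeric suffixes rather than a single k.cap.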