tcpdump 抓包记录

admin

# tcpdump -i any port 80 -A -nnn -vvv
$ X9 _1 E. k" i  Otcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
18:50:10.840226 IP (tos 0x0, ttl 64, id 59693, offset 0, flags [DF], proto TCP (6), length 40)
5 T% v% |$ I3 B6 B+ F    38.121.62.70.80 > 123.115.196.239.39061: Flags [F.], cksum 0xd632 (correct), seq 2284155649, ack 276991629, win 355, length 0
( n+ F0 j6 |  Z9 WE..(.-@.@...&y>F{s...P...%s.....P..c.2..
18:50:11.019545 IP (tos 0x0, ttl 64, id 32324, offset 0, flags [DF], proto TCP (6), length 40)
    38.121.62.70.80 > 123.115.196.239.39094: Flags [F.], cksum 0x705a (correct), seq 988967147, ack 1956175783, win 307, length 0
E..(~D@.@..j&y>F{s...P..:.p.t...P..3pZ..
18:50:11.028472 IP (tos 0x0, ttl 115, id 33858, offset 0, flags [DF], proto TCP (6), length 40)
    123.115.196.239.39061 > 38.121.62.70.80: Flags [.], cksum 0xd692 (correct), seq 1, ack 1, win 259, length 0
E..(.B@.s..k{s..&y>F...P.....%s.P.............
9 l8 b1 v! t5 k$ i# ~7 I18:50:11.204300 IP (tos 0x0, ttl 115, id 33925, offset 0, flags [DF], proto TCP (6), length 40)
    123.115.196.239.39094 > 38.121.62.70.80: Flags [.], cksum 0x708c (correct), seq 1, ack 1, win 257, length 0
E..(..@.s..({s..&y>F...Pt...:.p.P...p.........
- a6 Z0 v4 P. ?6 E( ^; S18:50:11.598242 IP (tos 0x0, ttl 64, id 45756, offset 0, flags [DF], proto TCP (6), length 40)
    38.121.62.70.80 > 123.115.196.239.39093: Flags [F.], cksum 0x8762 (correct), seq 205104619, ack 4147396541, win 307, length 0
$ B/ [) k/ }1 j% u" EE..(..@.@...&y>F{s...P...9...4?.P..3.b..
( S+ n' q2 p3 j* [% S18:50:11.783015 IP (tos 0x0, ttl 115, id 34573, offset 0, flags [DF], proto TCP (6), length 40)
    123.115.196.239.39093 > 38.121.62.70.80: Flags [.], cksum 0x8795 (correct), seq 1, ack 1, win 256, length 0
, h4 W" U: M( ?* [5 Y8 K6 G  M  q@.s...{s..&y>F...P.4?..9..P.............
^C
6 packets captured
6 packets received by filter
. a8 }$ m4 r) Y* q6 a0 packets dropped by kernel