tcpdump抓包抓某个地址host，并写入文件时以时间命令

admin

[root@xa-radb-01 ~]# tcpdump  -i br0 host 192.168.0.232 -vv -nn
4 [% G- X. ?2 O/ Y8 M8 @dropped privs to tcpdump
tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 262144 bytes
09:43:25.469439 IP (tos 0x0, ttl 64, id 60063, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11076, seq 1, length 64
; ?5 i( F! v0 [8 Z09:43:28.617495 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.41 tell 192.168.0.232, length 28
: W, b9 a8 g8 W09:43:28.617529 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.0.41 is-at e8:61:1f:3e:ea:0f, length 28
09:43:28.617630 IP (tos 0x0, ttl 64, id 1210, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.41: ICMP echo request, id 11077, seq 1, length 64
09:43:28.617657 IP (tos 0x0, ttl 64, id 35091, offset 0, flags [none], proto ICMP (1), length 84)
% q/ j* [. |/ N0 y- o9 s; a    192.168.0.41 > 192.168.0.232: ICMP echo reply, id 11077, seq 1, length 64
09:43:29.619053 IP (tos 0x0, ttl 64, id 1479, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.41: ICMP echo request, id 11077, seq 2, length 64
09:43:29.619067 IP (tos 0x0, ttl 64, id 35130, offset 0, flags [none], proto ICMP (1), length 84)
! i4 P8 S4 ^: s& k# u2 n) o    192.168.0.41 > 192.168.0.232: ICMP echo reply, id 11077, seq 2, length 64
( b0 \" \% _. U( Y) `6 ~* i' c09:43:30.620547 IP (tos 0x0, ttl 64, id 1534, offset 0, flags [DF], proto ICMP (1), length 84)
9 g& `. N! \6 ]7 P    192.168.0.232 > 192.168.0.41: ICMP echo request, id 11077, seq 3, length 64
09:43:30.620566 IP (tos 0x0, ttl 64, id 35321, offset 0, flags [none], proto ICMP (1), length 84)
2 Z; ]6 e( M, Q    192.168.0.41 > 192.168.0.232: ICMP echo reply, id 11077, seq 3, length 64
" d" {' p' P( D; _# y# O7 d3 k1 a09:43:31.621869 IP (tos 0x0, ttl 64, id 1857, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.41: ICMP echo request, id 11077, seq 4, length 64
3 f% |6 y" B& K* j8 Q1 z& w& f09:43:31.621890 IP (tos 0x0, ttl 64, id 35473, offset 0, flags [none], proto ICMP (1), length 84)
# r' l  p  U1 D0 S- v" ~/ D! C& f4 Z    192.168.0.41 > 192.168.0.232: ICMP echo reply, id 11077, seq 4, length 64
( [! s  t, q0 u0 D2 m* r! [09:43:33.536520 IP (tos 0x0, ttl 64, id 62363, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 1, length 64
) N! ^! H- j9 d8 e* A) p09:43:33.819142 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.232 tell 192.168.0.41, length 28
. J6 z$ j! ?5 P0 m8 H/ r0 x09:43:33.819270 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.0.232 is-at 52:54:00:3a:43:52, length 28
4 `/ ]1 S4 c& i09:43:34.536049 IP (tos 0x0, ttl 64, id 62471, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 2, length 64
09:43:35.536039 IP (tos 0x0, ttl 64, id 63261, offset 0, flags [DF], proto ICMP (1), length 84)
: [7 b& Q$ d2 `$ u    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 3, length 64
% ?0 O" h' {3 ~: z09:43:36.536014 IP (tos 0x0, ttl 64, id 63451, offset 0, flags [DF], proto ICMP (1), length 84)
( B$ W  ^  f5 c    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 4, length 64
09:43:37.536025 IP (tos 0x0, ttl 64, id 64171, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 5, length 64
09:43:38.535994 IP (tos 0x0, ttl 64, id 64546, offset 0, flags [DF], proto ICMP (1), length 84)
% Z! d4 X# v6 U3 V    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 6, length 64
09:43:39.535993 IP (tos 0x0, ttl 64, id 65261, offset 0, flags [DF], proto ICMP (1), length 84)
& }. l8 y' p) U8 X  T4 n! _    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 7, length 64
09:43:40.535978 IP (tos 0x0, ttl 64, id 590, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11078, seq 8, length 64
9 s9 k. w8 n3 Z0 j* n  _. _09:43:47.885238 IP (tos 0x0, ttl 64, id 6499, offset 0, flags [DF], proto ICMP (1), length 84)
6 q4 l, ]) X: p& u: W- _0 H- a/ w    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11080, seq 1, length 64
" o2 v5 d" \  `% s3 C- i; O09:43:48.884913 IP (tos 0x0, ttl 64, id 6872, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11080, seq 2, length 64
09:43:49.884924 IP (tos 0x0, ttl 64, id 6895, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11080, seq 3, length 64
09:43:50.884893 IP (tos 0x0, ttl 64, id 7013, offset 0, flags [DF], proto ICMP (1), length 84)
6 Y6 |2 `; D, V3 a7 l2 f, b4 J7 z/ W    192.168.0.232 > 192.168.0.1: ICMP echo request, id 11080, seq 4, length 64
09:44:52.844611 IP (tos 0x0, ttl 62, id 43536, offset 0, flags [DF], proto TCP (6), length 60)