查看磁盘io、内存free、系统进程ps、网络状态netstat、Linux抓包tcpdump
2018-01-23 19:53
1046 查看
查看磁盘io性能状态
iostat -x
查看磁盘使用(安装包与sar的安装包一起)主要查看%util
[root@shu-test ~]# iostat -x Linux 3.10.0-693.el7.x86_64 (shu-test) 2018年01月23日 _x86_64_ (1 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 0.13 0.00 0.44 0.15 0.00 99.28 Device: rrqm/s wrqm/s r/s w/s rkB/s wkB/s avgrq-sz avgqu-sz await r_await w_await svctm %util sda 0.00 0.12 7.63 2.61 110.65 11.27 23.83 0.01 0.97 0.89 1.18 0.37 0.38 sdb 0.00 0.00 0.10 0.00 2.28 0.00 45.16 0.00 0.35 0.35 0.00 0.35 0.00 scd0 0.00 0.00 0.02 0.00 1.11 0.00 114.22 0.00 2.39 2.39 0.00 2.17 0.00 [root@shu-test ~]#
iotop
当发现io很忙,可以使用iotop查询是哪个进程使用io大;安装包
yum install -y iotop
查看磁盘io使用进程;
[root@shu-test ~]# iotop Total DISK READ : 0.00 B/s | Total DISK WRITE : 0.00 B/s Actual DISK READ: 0.00 B/s | Actual DISK WRITE: 0.00 B/s TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND 1 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % systemd --switched-root --system --deserialize 21 2 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kthreadd] 3 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [ksoftirqd/0] 5 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kworker/0:0H] 7 rt/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [migration/0] 8 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [rcu_bh] 9 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [rcu_sched] 10 rt/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/0] 12 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kdevtmpfs] 13 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [netns] 14 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [khungtaskd] 15 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [writeback] 16 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kintegrityd] 17 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [bioset] 18 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kblockd] 19 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [md] 533 be/4 dbus 0.00 B/s 0.00 B/s 0.00 % 0.00 % dbus-daemon --system --addr~idfile --systemd-activation 25 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kswapd0] 26 be/5 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [ksmd] 27 be/7 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [khugepaged] 28 be/0 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [crypto]
free命令
查看内存使用情况[root@shu-test ~]# free total used free shared buff/cache available Mem: 1008152 122192 636236 6864 249724 711676 Swap: 2097148 0 2097148 [root@shu-test ~]#
Mem:内存使用情况
Swap:交换分区使用情况
total:总大小;
used:使用中;
free:剩余数量;
shared:共享中的;
buff/cache:缓存;
available:可获得的;
公式:
total=used+free+cache
avaliable包含free和buffer/cache剩余部分
用单位表示数据显示;
free -h
[root@shu-test ~]# free -h total used free shared buff/cache available Mem: 984M 119M 621M 6.7M 243M 695M Swap: 2.0G 0B 2.0G [root@shu-test ~]#
ps命令
查看系统进程(特重要)ps aux
将系统是由进程静态的列出(top为动态)[root@shu-test ~]# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.6 128164 6820 ? Ss 16:10 0:01 /usr/lib/systemd/systemd --switched-root --system root 2 0.0 0.0 0 0 ? S 16:10 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S 16:10 0:00 [ksoftirqd/0] root 5 0.0 0.0 0 0 ? S< 16:10 0:00 [kworker/0:0H] root 7 0.0 0.0 0 0 ? S 16:10 0:00 [migration/0] root 8 0.0 0.0 0 0 ? S 16:10 0:00 [rcu_bh] root 9 0.0 0.0 0 0 ? R 16:10 0:00 [rcu_sched] root 10 0.0 0.0 0 0 ? S 16:10 0:00 [watchdog/0] root 12 0.0 0.0 0 0 ? S 16:10 0:00 [kdevtmpfs] root 13 0.0 0.0 0 0 ? S< 16:10 0:00 [netns] root 14 0.0 0.0 0 0 ? S 16:10 0:00 [khungtaskd] root 15 0.0 0.0 0 0 ? S< 16:10 0:00 [writeback] root 16 0.0 0.0 0 0 ? S< 16:10 0:00 [kintegrityd] root 17 0.0 0.0 0 0 ? S< 16:10 0:00 [bioset] root 18 0.0 0.0 0 0 ? S< 16:10 0:00 [kblockd] root 19 0.0 0.0 0 0 ? S< 16:10 0:00 [md] root 25 0.0 0.0 0 0 ? S 16:10 0:00 [kswapd0] root 26 0.0 0.0 0 0 ? SN 16:10 0:00 [ksmd] root 27 0.0 0.0 0 0 ? SN 16:10 0:00 [khugepaged] root 28 0.0 0.0 0 0 ? S< 16:10 0:00 [crypto] root 36 0.0 0.0 0 0 ? S< 16:10 0:00 [kthrotld] root 37 0.0 0.0 0 0 ? S 16:10 0:00 [kworker/u128:1] root 38 0.0 0.0 0 0 ? S< 16:10 0:00 [kmpath_rdacd] root 39 0.0 0.0 0 0 ? S< 16:10 0:00 [kpsmoused] root 41 0.0 0.0 0 0 ? S< 16:10 0:00 [ipv6_addrconf] root 60 0.0 0.0 0 0 ? S< 16:10 0:00 [deferwq] root 92 0.0 0.0 0 0 ? S 16:10 0:00 [kauditd] root 229 0.0 0.0 0 0 ? S< 16:10 0:00 [mpt_poll_0] root 231 0.0 0.0 0 0 ? S< 16:10 0:00 [mpt/0] root 233 0.0 0.0 0 0 ? S< 16:10 0:00 [ata_sff] root 241 0.0 0.0 0 0 ? S 16:10 0:00 [scsi_eh_0] root 242 0.0 0.0 0 0 ? S< 16:10 0:00 [scsi_tmf_0] root 243 0.0 0.0 0 0 ? S 16:10 0:00 [scsi_eh_1] root 246 0.0 0.0 0 0 ? S< 16:10 0:00 [scsi_tmf_1] root 249 0.0 0.0 0 0 ? S 16:10 0:00 [scsi_eh_2] root 251 0.0 0.0 0 0 ? S< 16:10 0:00 [scsi_tmf_2] root 252 0.0 0.0 0 0 ? S 16:10 0:00 [kworker/u128:2] root 255 0.0 0.0 0 0 ? S< 16:10 0:00 [ttm_swap] root 276 0.0 0.0 0 0 ? S< 16:10 0:00 [bioset] root 277 0.0 0.0 0 0 ? S< 16:10 0:00 [xfsalloc] root 278 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs_mru_cache] root 279 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-buf/sda3] root 280 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-data/sda3] root 281 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-conv/sda3] root 282 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-cil/sda3] root 283 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-reclaim/sda] root 284 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-log/sda3] root 285 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-eofblocks/s] root 286 0.0 0.0 0 0 ? S 16:10 0:00 [xfsaild/sda3] root 353 0.0 0.2 34940 2788 ? Ss 16:10 0:00 /usr/lib/systemd/systemd-journald root 372 0.0 0.4 121356 4084 ? Ss 16:10 0:00 /usr/sbin/lvmetad -f root 374 0.0 0.5 47696 5736 ? Ss 16:10 0:00 /usr/lib/systemd/systemd-udevd root 417 0.0 0.0 0 0 ? S< 16:10 0:00 [kworker/0:1H] root 439 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-buf/sda1] root 441 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-data/sda1] root 442 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-conv/sda1] root 444 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-cil/sda1] root 446 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-reclaim/sda] root 448 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-log/sda1] root 450 0.0 0.0 0 0 ? S< 16:10 0:00 [xfs-eofblocks/s] root 452 0.0 0.0 0 0 ? S 16:10 0:00 [xfsaild/sda1] root 500 0.0 0.0 55452 900 ? S<sl 16:10 0:00 /sbin/auditd root 524 0.0 0.1 24204 1668 ? Ss 16:10 0:00 /usr/lib/systemd/systemd-logind polkitd 527 0.0 1.3 534888 13884 ? Ssl 16:10 0:00 /usr/lib/polkit-1/polkitd --no-debug root 529 0.0 0.6 99608 6100 ? Ss 16:10 0:00 /usr/bin/VGAuthService -s root 531 0.0 0.4 214500 4720 ? Ssl 16:10 0:00 /usr/sbin/rsyslogd -n dbus 533 0.0 0.1 32776 1860 ? Ssl 16:10 0:00 /bin/dbus-daemon --system --address=systemd: --nof root 549 0.1 0.6 305368 6324 ? Ssl 16:10 0:04 /usr/bin/vmtoolsd root 554 0.0 0.1 126236 1676 ? Ss 16:10 0:00 /usr/sbin/crond -n root 556 0.0 0.0 110044 828 tty1 Ss+ 16:10 0:00 /sbin/agetty --noclear tty1 linux chrony 559 0.0 0.1 115640 1780 ? S 16:10 0:00 /usr/sbin/chronyd root 569 0.0 2.8 334236 28996 ? Ssl 16:10 0:00 /usr/bin/python -Es /usr/sbin/firewalld --nofork - root 584 0.0 0.8 472132 9016 ? Ssl 16:10 0:00 /usr/sbin/NetworkManager --no-daemon root 886 0.0 1.8 562392 18644 ? Ssl 16:10 0:00 /usr/bin/python -Es /usr/sbin/tuned -l -P root 887 0.0 0.4 105996 4072 ? Ss 16:10 0:00 /usr/sbin/sshd -D root 988 0.0 0.2 89544 2092 ? Ss 16:10 0:00 /usr/libexec/postfix/master -w postfix 989 0.0 0.3 89648 4004 ? S 16:10 0:00 pickup -l -t unix -u postfix 990 0.0 0.3 89716 4024 ? S 16:10 0:00 qmgr -l -t unix -u root 998 0.0 0.5 145700 5212 ? Ss 16:10 0:00 sshd: root@pts/0 root 1001 0.0 0.2 116156 2984 pts/0 Ss 16:10 0:00 -bash root 1071 0.0 0.0 0 0 ? R 16:41 0:01 [kworker/0:0] root 1100 0.0 0.0 123208 780 ? Ss 17:01 0:00 /usr/sbin/anacron -s root 1103 0.0 0.0 0 0 ? S 17:01 0:00 [kworker/0:2] root 1104 0.0 0.0 0 0 ? S 17:06 0:00 [kworker/0:1] root 1111 0.0 0.0 0 0 ? S 17:11 0:00 [kworker/0:3] root 1123 0.0 0.1 151064 1820 pts/0 R+ 17:14 0:00 ps aux [root@shu-test ~]#
USER:所属用户;
PID:进程的标签,配合kill杀死进程;
STAT部分详解:
D:不能中断的进程;
R:run状态的进程;
S:sleep状态的进程;
T:暂停的进程;
Z:僵尸进程;
<:高优先级进程;
N:低优先级进程;
L:内存中被锁了的内存分页;
s:主进程;
l:多线程进程;
+:前台进程;
查询进程
ps aux | grep 进程名查询当前进程是否存在或运行;
[root@shu-test ~]# ps aux | grep nginx root 1141 0.0 0.0 112676 984 pts/0 S+ 17:30 0:00 grep --color=auto nginx [root@shu-test ~]#
netstat
查看网络状态netstat -lnp
查看监听的端口[root@shu-test ~]# netstat -lnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 887/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 988/master tcp6 0 0 :::22 :::* LISTEN 887/sshd tcp6 0 0 ::1:25 :::* LISTEN 988/master udp 0 0 127.0.0.1:323 0.0.0.0:* 559/chronyd udp6 0 0 ::1:323 :::* 559/chronyd raw6 0 0 :::58 :::* 7 584/NetworkManager Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 18543 988/master public/flush unix 2 [ ACC ] STREAM LISTENING 18558 988/master public/showq unix 2 [ ACC ] STREAM LISTENING 18514 988/master public/pickup unix 2 [ ACC ] STREAM LISTENING 18518 988/master public/cleanup unix 2 [ ACC ] STREAM LISTENING 18521 988/master public/qmgr unix 2 [ ACC ] STREAM LISTENING 12104 1/systemd /run/lvm/lvmpolld.socket unix 2 [ ACC ] STREAM LISTENING 15692 529/VGAuthService /var/run/vmware/guestServicePipe unix 2 [ ACC ] STREAM LISTENING 12121 1/systemd /run/lvm/lvmetad.socket unix 2 [ ACC ] STREAM LISTENING 11881 1/systemd /run/systemd/private unix 2 [ ACC ] SEQPACKET LISTENING 12139 1/systemd /run/udev/control unix 2 [ ACC ] STREAM LISTENING 14473 1/systemd /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 18525 988/master private/tlsmgr unix 2 [ ACC ] STREAM LISTENING 18528 988/master private/rewrite unix 2 [ ACC ] STREAM LISTENING 18531 988/master private/bounce unix 2 [ ACC ] STREAM LISTENING 18534 988/master private/defer unix 2 [ ACC ] STREAM LISTENING 18537 988/master private/trace unix 2 [ ACC ] STREAM LISTENING 18540 988/master private/verify unix 2 [ ACC ] STREAM LISTENING 18546 988/master private/proxymap unix 2 [ ACC ] STREAM LISTENING 18549 988/master private/proxywrite unix 2 [ ACC ] STREAM LISTENING 18552 988/master private/smtp unix 2 [ ACC ] STREAM LISTENING 18555 988/master private/relay unix 2 [ ACC ] STREAM LISTENING 18561 988/master private/error unix 2 [ ACC ] STREAM LISTENING 18564 988/master private/retry unix 2 [ ACC ] STREAM LISTENING 18567 988/master private/discard unix 2 [ ACC ] STREAM LISTENING 18570 988/master private/local unix 2 [ ACC ] STREAM LISTENING 18573 988/master private/virtual unix 2 [ ACC ] STREAM LISTENING 18576 988/master private/lmtp unix 2 [ ACC ] STREAM LISTENING 18579 988/master private/anvil unix 2 [ ACC ] STREAM LISTENING 18582 988/master private/scache unix 2 [ ACC ] STREAM LISTENING 7659 1/systemd /run/systemd/journal/stdout [root@shu-test ~]#
netstat -an
查看所有的连接状态netstat -lntp
只查看tcp的端口监听(不包含socket)[root@shu-test ~]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 887/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 988/master tcp6 0 0 :::22 :::* LISTEN 887/sshd tcp6 0 0 ::1:25 :::* LISTEN 988/master [root@shu-test ~]#
netstat -lnup
只查看udp的端口监听(不包含socket)[root@shu-test ~]# netstat -lnup Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 127.0.0.1:323 0.0.0.0:* 559/chronyd udp6 0 0 ::1:323 :::* 559/chronyd [root@shu-test ~]#
统计命令
统计netstat下的所有状态的数据;netstat -an | awk '/^tcp/ {++sta[$NF]} END {for(key in sta) print key,"\t",sta[key]}'
[root@shu-test ~]# netstat -an | awk '/^tcp/ {++sta[$NF]} END {for(key in sta) print key,"\t",sta[key]}' LISTEN 4 ESTABLISHED 1 [root@shu-test ~]#
Linux抓包工具
tcpdump工具
安装包yum install -y tcpdump
指定网卡抓包
格式:tcpdump -nn -i 网卡名
tcpdump -nn -i ens33
指定抓取网卡名为ens33的包
18:15:44.680680 IP 192.168.188.1.63319 > 192.168.188.2.22: Flags [.], ack 110393004, win 11469, length 0 18:15:44.680691 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 110393004:110393184, ack 16121, win 294, length 180 18:15:44.680773 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 110393184:110393476, ack 16121, win 294, length 292 18:15:44.680862 IP 192.168.188.1.63319 > 192.168.188.2.22: Flags [.], ack 110393476, win 11351, length 0 18:15:44.680872 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 110393476:110393656, ack 16121, win 294, length 180 18:15:44.680953 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 110393656:110393948, ack 16121, win 294, length 292 18:15:44.681036 IP 192.168.188.1.63319 > 192.168.188.2.22: Flags [.], ack 110393948, win 11233, length 0 18:15:44.681046 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 110393948:110394128, ack 16121, win 294, length 180 18:15:44.681126 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 110394128:110394420, ack 16121, win 294, length 292 18:15:44.681200 IP 192.168.188.1.63319 > 192.168.188.2.22: Flags [.], ack 110394420, win 11115, length 0 18:15:44.681210 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 110394420:110394600, ack 16121, win 294, length 180 ^C 672976 packets captured 672978 packets received by filter 0 packets dropped by kernel [root@shu-test ~]#
其中主要看
192.168.188.1.63319 > 192.168.188.2.22
这一列,前面ip表示ip源与端口,后面ip表示目的ip与端口
指定端口
格式:tcpdump -nn -i [网卡名] port [端口号]
tcpdump -nn -i ens33 port 22
指定抓取网卡名为ens33 端口号为22的包
19:09:40.694055 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 10288736:10288916, ack 1405, win 294, length 180 19:09:40.694109 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 10288916:10289096, ack 1405, win 294, length 180 19:09:40.694163 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 10289096:10289276, ack 1405, win 294, length 180 19:09:40.694216 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 10289276:10289456, ack 1405, win 294, length 180 19:09:40.694274 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 10289456:10289572, ack 1405, win 294, length 116 19:09:40.694396 IP 192.168.188.1.63319 > 192.168.188.2.22: Flags [.], ack 10289456, win 9284, length 0 ^C 60636 packets captured 60637 packets received by filter 0 packets dropped by kernel [root@shu-test ~]#
其他命令
tcpdump -nn -i [网卡名] not port [端口号] and host 192.168.0.100抓取指定网卡名,端口号xx以外的所有端口号,主机名为192.168.0.100的包
指定抓包个数
-c [数值]:tcpdump -nn -i ens33 -c 100
指定抓取100个包;
19:17:40.694337 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 15628:15904, ack 1, win 294, length 276 19:17:40.694447 IP 192.168.188.2.22 > 192.168.188.1.63319: Flags [P.], seq 15904:16084, ack 1, win 294, length 180 100 packets captured 100 packets received by filter 0 packets dropped by kernel [root@shu-test ~]#
指定抓包个数保存到文件
-w [文件路径]:tcpdump -nn -i ens33 -c 10 -w ip.txt
指定抓取10个包保存到当前目录的ip.txt文件;
[root@shu-test abc]# tcpdump -nn -i ens33 -c 10 -w ip.txt tcpdump: listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes 10 packets captured 10 packets received by filter 0 packets dropped by kernel [root@shu-test abc]#
查看抓取的数据包文件内容
无法cat抓取的数据包文件,只能使用tcpdump命令查看;格式:
tcpdump -r ip.txt
[root@shu-test abc]# tcpdump -r ip.txt reading from file ip.txt, link-type EN10MB (Ethernet) 19:22:13.562207 IP shu-test.ssh > 192.168.188.1.63319: Flags [P.], seq 1557505249:1557505397, ack 547063394, win 294, length 148 19:22:13.562796 IP 192.168.188.1.63319 > shu-test.ssh: Flags [.], ack 148, win 16375, length 0 19:22:15.250771 IP6 fe80::1bc:2163:4c7e:5a43.62981 > ff02::1:3.hostmon: UDP, length 22 19:22:15.250816 IP 192.168.188.1.60303 > 224.0.0.252.hostmon: UDP, length 22 19:22:15.451154 IP 192.168.188.1.netbios-ns > 192.168.188.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 19:22:15.989543 IP shu-test.ssh > 192.168.188.1.63319: Flags [.], seq 148:3068, ack 1, win 294, length 2920 19:22:15.989682 IP shu-test.ssh > 192.168.188.1.63319: Flags [P.], seq 3068:3944, ack 1, win 294, length 876 19:22:15.990097 IP 192.168.188.1.63319 > shu-test.ssh: Flags [.], ack 3944, win 16425, length 0 19:22:15.990418 IP 192.168.188.1.63319 > shu-test.ssh: Flags [P.], seq 1:53, ack 3944, win 16425, length 52 19:22:16.030573 IP shu-test.ssh > 192.168.188.1.63319: Flags [.], ack 53, win 294, length 0 [root@shu-test abc]#
tshark 抓包工具
安装包yum install -y wireshark
查看当前http服务器访问的ip以及所访问的http链接
tshark -n -t a -R http.request -T fields -e "frame.time" -e "ip.src" -e "http.host" -e "http.request.method" -e "http.request.uri"
相关文章推荐
- free看内存使用,ps看系统进程,netstat查看网络,tcpdump抓包
- 查看进程(ps),查看网络状态(netstat),linux下抓包(tcpdump等),linux网络相关(ifconfig等)
- LINUX学习笔记 监控io性能,free命令,ps命令 ,查看网络状态 ,linux下抓包
- 10.6 监控io性能 10.7 free命令 10.8 ps命令 10.9 查看网络状态 10.10 linux下抓包
- 监控io性能, free命令, ps命令, 查看网络状态, linux下抓包
- 10.6 监控io性能 - 10.7 free命令 - 10.8 ps命令 - 10.9 查看网络状态 - 10.10 linux下抓包
- linux学习第二十八篇:监控io性能,free命令,ps命令,查看网络状态,linux下抓包
- 七周二次课(11月28日) 10.6 监控io性能 10.7 free命令 10.8 ps命令 10.9 查看网络状态 10.10 linux下抓包
- 监控io性能、free、ps、查看网络状态和linux抓包工具
- 监控io性能、free命令、ps命令、查看网络状态、Linux下抓包
- 监控io性能,free,ps,查看网络状态,Linux下抓包
- 七周第二次课 2017.11.28 监控io性能、free命令、ps命令、查看网络状态、linux下抓包
- 10.6 监控io性能 ,free命令,ps命令,查看网络状态,linux下抓包
- 10.6 监控io性能 10.7 free命令 10.8 ps命令 10.9 查看网络状态 10.10 linux下抓包
- 监控io性能、free命令、ps命令、查看网络状态、linux下抓包
- 监控IO性能| free命令 |ps命令 |查看网络状态 |linux下抓包
- 10.6 监控io性能 10.7 free命令 10.8 ps命令 10.9 查看网络状态 10.10 linux下抓包
- 监控io性能、free命令、 ps命令、查看网络状态、linux下抓包
- 监控io性能、free命令、ps命令、查看网络状态、linux下抓包
- 监控io性能、free命令、ps命令、查看网络状态、linux下抓包