{"id":6285,"date":"2020-01-19T20:00:10","date_gmt":"2020-01-19T12:00:10","guid":{"rendered":"https:\/\/www.linuxcool.com\/?p=6285"},"modified":"2020-01-21T16:31:53","modified_gmt":"2020-01-21T08:31:53","slug":"ngrep","status":"publish","type":"post","link":"https:\/\/www.linuxcool.com\/ngrep","title":{"rendered":"ngrep\u547d\u4ee4 &#8211; \u6570\u636e\u5305\u5339\u914d\u548c\u663e\u793a\u5de5\u5177"},"content":{"rendered":"\n<p>ngrep\u547d\u4ee4\u662fgrep\u547d\u4ee4\u7684\u7f51\u7edc\u7248\uff0c\u4ed6\u529b\u6c42\u66f4\u591a\u7684grep\u7279\u5f81\uff0c\u7528\u4e8e\u641c\u5bfb\u6307\u5b9a\u7684\u6570\u636e\u5305\u3002\u6b63\u7531\u4e8e\u5b89\u88c5ngrep\u9700\u7528\u5230libpcap\u5e93\uff0c \u6240\u4ee5\u652f\u6301\u5927\u91cf\u7684\u64cd\u4f5c\u7cfb\u7edf\u548c\u7f51\u7edc\u534f\u8bae\u3002\u80fd\u8bc6\u522bTCP\u3001UDP\u548cICMP\u5305\uff0c\u7406\u89e3bpf\u7684\u8fc7\u6ee4\u673a\u5236\u3002<\/p>\n\n\n\n<p><strong>\u8bed\u6cd5\u683c\u5f0f\uff1a<\/strong>ngrep [\u53c2\u6570]<\/p>\n\n\n\n<p><strong>\u5e38\u7528\u53c2\u6570\uff1a<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>-i<\/td><td>\u5ffd\u7565\u5927\u5c0f\u5199<\/td><\/tr><tr><td>-o<\/td><td>\u5c06\u5339\u914d\u7684\u6570\u636e\u4fdd\u5b58\u5230\u6587\u4ef6<\/td><\/tr><tr><td>-c<\/td><td>\u5f3a\u5236\u663e\u793a\u5217\u7684\u5bbd\u5ea6<\/td><\/tr><tr><td>-L<\/td><td>\u67e5\u8be2\u7f51\u5361\u63a5\u53e3<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><strong>\u53c2\u8003\u5b9e\u4f8b<\/strong><\/p>\n\n\n\n<p>\u6355\u6349amazon\uff1a80\u7aef\u53e3\u7684request\u548cresponse\u3002-d eth0\u662f\u7528\u6765\u76d1\u542c\u5bf9\u5916\u7684\u7f51\u5361\uff1a<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@linuxcool ~]# ngrep -W byline -d eth0 port 80<\/pre>\n\n\n\n<p>\u6355\u6349\u6240\u6709\u7684\u5305\uff1a<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[root@linuxcool ~]# ngrep '[a-zA-Z]' -t -W byline -d any tcp port 18080<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>ngrep\u547d\u4ee4\u662fgrep\u547d\u4ee4\u7684\u7f51\u7edc\u7248\uff0c\u4ed6\u529b\u6c42\u66f4\u591a\u7684grep\u7279\u5f81\uff0c\u7528\u4e8e\u641c\u5bfb\u6307\u5b9a\u7684\u6570\u636e\u5305\u3002\u6b63\u7531\u4e8e\u5b89\u88c5ngrep\u9700\u7528 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/posts\/6285"}],"collection":[{"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/comments?post=6285"}],"version-history":[{"count":3,"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/posts\/6285\/revisions"}],"predecessor-version":[{"id":6548,"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/posts\/6285\/revisions\/6548"}],"wp:attachment":[{"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/media?parent=6285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/categories?post=6285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.linuxcool.com\/wp-json\/wp\/v2\/tags?post=6285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}