以下是这种方式,但只显示没有发送方和接收方的数据:
tcpdump -i ath0 -X | grep -E "str1|str2"
这里的兴趣就是这样一个结果:
ip > ip
SOMEDATA
ip > ip
SOMEDATA
ip > ip
SOMEDATA
tcpdump -nn -q -s 0 -t -l -A port|-i
输出示例:
IP 127.0.0.1.350 > 127.0.0.1.34440: tcp 3696
E...d[@.@............^......M..F...........
.h...h.-HTTP/1.1 400 Bad Request
Server: squid/5.8
Mime-Version: 1.0
Date: Mon, 05 May 2020 12:54:49 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3325
X-Squid-Error: ERR_PROTOCOL_UNKNOWN 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from proxy
X-Cache-Lookup: NONE from proxy:8080
Via: 1.1 proxy(squid/5.8)
Connection: close