sudo tcpdump -nt -i lo  #抓取本地回路上的数据包

先运行上面的命令,然后再另一个终端运行下图所示的命令;

[root@linux 5]# sudo tcpdump -nt -i lo
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [S], seq 4121980321, win 32792, options [mss 16396,sackOK,TS val 19864133 ecr 0,nop,wscale 5], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [S.], seq 2207362318, ack 4121980322, win 32768, options [mss 16396,sackOK,TS val 19864133 ecr 19864133,nop,wscale 5], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 1, win 1025, options [nop,nop,TS val 19864133 ecr 19864133], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 1:28, ack 1, win 1025, options [nop,nop,TS val 19864159 ecr 19864133], length 27
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 28, win 1024, options [nop,nop,TS val 19864159 ecr 19864159], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 1:13, ack 28, win 1024, options [nop,nop,TS val 19864345 ecr 19864159], length 12
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 13, win 1025, options [nop,nop,TS val 19864345 ecr 19864345], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 13:52, ack 28, win 1024, options [nop,nop,TS val 19864346 ecr 19864345], length 39
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 52, win 1025, options [nop,nop,TS val 19864346 ecr 19864346], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 28:174, ack 52, win 1025, options [nop,nop,TS val 19864347 ecr 19864346], length 146
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 174, win 1058, options [nop,nop,TS val 19864347 ecr 19864347], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 52:55, ack 174, win 1058, options [nop,nop,TS val 19864348 ecr 19864347], length 3
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 174:177, ack 55, win 1025, options [nop,nop,TS val 19864348 ecr 19864348], length 3
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 55:153, ack 177, win 1058, options [nop,nop,TS val 19864350 ecr 19864348], length 98
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 177:180, ack 153, win 1025, options [nop,nop,TS val 19864350 ecr 19864350], length 3
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 180, win 1058, options [nop,nop,TS val 19864390 ecr 19864350], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.U], seq 153:154, ack 180, win 1058, urg 1, options [nop,nop,TS val 19864548 ecr 19864350], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 154:155, ack 180, win 1058, options [nop,nop,TS val 19864548 ecr 19864350], length 1
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 155, win 1025, options [nop,nop,TS val 19864549 ecr 19864548], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 155:162, ack 180, win 1058, options [nop,nop,TS val 19864587 ecr 19864549], length 7
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 162, win 1025, options [nop,nop,TS val 19864627 ecr 19864587], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 180:181, ack 162, win 1025, options [nop,nop,TS val 19897038 ecr 19864587], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 181, win 1058, options [nop,nop,TS val 19897038 ecr 19897038], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 162:163, ack 181, win 1058, options [nop,nop,TS val 19897040 ecr 19897038], length 1
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 163, win 1025, options [nop,nop,TS val 19897040 ecr 19897040], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 181:182, ack 163, win 1025, options [nop,nop,TS val 19897381 ecr 19897040], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 163:164, ack 182, win 1058, options [nop,nop,TS val 19897383 ecr 19897381], length 1
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 164, win 1025, options [nop,nop,TS val 19897383 ecr 19897383], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 182:183, ack 164, win 1025, options [nop,nop,TS val 19897526 ecr 19897383], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 164:165, ack 183, win 1058, options [nop,nop,TS val 19897528 ecr 19897526], length 1
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 165, win 1025, options [nop,nop,TS val 19897528 ecr 19897528], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 183:184, ack 165, win 1025, options [nop,nop,TS val 19897642 ecr 19897528], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 165:166, ack 184, win 1058, options [nop,nop,TS val 19897644 ecr 19897642], length 1
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 166, win 1025, options [nop,nop,TS val 19897644 ecr 19897644], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 184:186, ack 166, win 1025, options [nop,nop,TS val 19897965 ecr 19897644], length 2
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 166:168, ack 186, win 1058, options [nop,nop,TS val 19897968 ecr 19897965], length 2
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 168, win 1025, options [nop,nop,TS val 19897968 ecr 19897968], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 168:178, ack 186, win 1058, options [nop,nop,TS val 19898075 ecr 19897968], length 10
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 178, win 1025, options [nop,nop,TS val 19898075 ecr 19898075], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 186:187, ack 178, win 1025, options [nop,nop,TS val 19899974 ecr 19898075], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 187, win 1058, options [nop,nop,TS val 19900014 ecr 19899974], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 187:188, ack 178, win 1025, options [nop,nop,TS val 19900310 ecr 19900014], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 188, win 1058, options [nop,nop,TS val 19900310 ecr 19900310], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 188:189, ack 178, win 1025, options [nop,nop,TS val 19900606 ecr 19900310], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 189, win 1058, options [nop,nop,TS val 19900606 ecr 19900606], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 189:190, ack 178, win 1025, options [nop,nop,TS val 19900901 ecr 19900606], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 190, win 1058, options [nop,nop,TS val 19900901 ecr 19900901], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 190:191, ack 178, win 1025, options [nop,nop,TS val 19901206 ecr 19900901], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 191, win 1058, options [nop,nop,TS val 19901206 ecr 19901206], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 191:192, ack 178, win 1025, options [nop,nop,TS val 19901494 ecr 19901206], length 1
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 192, win 1058, options [nop,nop,TS val 19901494 ecr 19901494], length 0
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [P.], seq 192:194, ack 178, win 1025, options [nop,nop,TS val 19902125 ecr 19901494], length 2
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [.], ack 194, win 1058, options [nop,nop,TS val 19902125 ecr 19902125], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 178:180, ack 194, win 1058, options [nop,nop,TS val 19902127 ecr 19902125], length 2
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 180, win 1025, options [nop,nop,TS val 19902127 ecr 19902127], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 180:228, ack 194, win 1058, options [nop,nop,TS val 19902836 ecr 19902127], length 48
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 228, win 1025, options [nop,nop,TS val 19902836 ecr 19902836], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 228:245, ack 194, win 1058, options [nop,nop,TS val 19903150 ecr 19902836], length 17
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 245, win 1025, options [nop,nop,TS val 19903150 ecr 19903150], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 245:253, ack 194, win 1058, options [nop,nop,TS val 19903152 ecr 19903150], length 8
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 253, win 1025, options [nop,nop,TS val 19903152 ecr 19903152], length 0
IP 127.0.0.1.telnet > 127.0.0.1.38508: Flags [P.], seq 253:269, ack 194, win 1058, options [nop,nop,TS val 19903154 ecr 19903152], length 16
IP 127.0.0.1.38508 > 127.0.0.1.telnet: Flags [.], ack 269, win 1025, options [nop,nop,TS val 19903154 ecr 19903154], length 0

该数据包描述的是一个ip数据包。

由于我们使用telnet登录本机,所以ip数据包源端ip地址和目的ip地址都是“127.0.0.1”。telnet服务器程序使用的端口号是23(参见/etc/service文件),而telnet客户端

程序使用临时端口号38508与服务器进行通信。关于临时端口,"Flags","seq"等描述的都是TCP头部信息,我们将在第三章写出!

使用tcpdump观察IPV4头部结构的更多相关文章

  1. IPv4头部结构

    2.2 IPv4头部结构 2.2.1 IPv4头部结构 IPv4的头部结构如图2-1所示.其长度通常为20字节,除非含有可变长的选项部分. 4位版本号(version)指定IP协议的版本.对IPv4来 ...

  2. IPv4头部结构具体解释

    IPv4头部结构具体解释 下面为书中原文摘录: $(function () { $('pre.prettyprint code').each(function () { var lines = $(t ...

  3. TCP头部结构

    3.2 TCP头部结构 TCP头部信息出现在每个TCP报文段中,用于指定通信的源端端口,目的端端口,管理TCP连接等,本节详细介绍TCP的头部结构,包括固定头部结构和头部选项. 3.2.1 TCP固定 ...

  4. TCP/IP协议头部结构体(网摘小结)(转)

    源:TCP/IP协议头部结构体(网摘小结) TCP/IP协议头部结构体(转) 网络协议结构体定义 // i386 is little_endian. #ifndef LITTLE_ENDIAN #de ...

  5. TCP/IP协议头部结构体

    TCP/IP协议头部结构体(转) 网络协议结构体定义 // i386 is little_endian. #ifndef LITTLE_ENDIAN #define LITTLE_ENDIAN (1) ...

  6. ipv4头部分析,读书笔记3

    ip头部最长是60字节,前面的20字节是固定的,选项可加上40字节 4位版本号--- 对于ipv4来说呢,就是4 4位头部长度 ---  表示 有多小个32bit(4字节),4位最大表示数是15啦,也 ...

  7. Linux 使用tcpdump观察arp通信过程

    ARP协议简介: ARP协议能实现任意网络层地址到任意物理地址的转换,此次讨论从IP地址到以太网地址(MAC地址)的转换.其工作原理是:主机向自己所在的网络广播一个ARP请求,该请求包含目标机器的网络 ...

  8. IPv4地址结构体sockaddr_in详解

    sockaddr_in结构体定义 struct sockaddr_in { sa_family_t sin_family; //地址族(Address Family) uint16_t sin_por ...

  9. tcp/ip通信中tcp头部结构tcphdrp->check校验计算

    通过raw socket修改通信数据后,可通过函数 set_tcp_checksum1(iph); 重新校验计算iph->check值 在http://www.cnblogs.com/dpf-1 ...

随机推荐

  1. 【Linux】linux bash shell之变量替换::=句法、=句法、:-句法、-句法、=?句法、?句法、:+句法、+句法

    linux bash shell之变量替换::=句法.=句法.:-句法.-句法.=?句法.?句法.:+句法.+句法   linux bash shell之变量替换::=句法.=句法.:-句法.-句法. ...

  2. (转)Loader ,URLLoader ,URLStream的区别

    AS3代码   (1)  Loader              Loader 类可用于加载 SWF 文件或图像(JPG.PNG 或 GIF)文件. 使用 load() 方法来启动加载. 被加载的显示 ...

  3. 【ichartjs】爬取理想论坛前30页帖子获得每个子贴的发帖时间,总计83767条数据进行统计,生成统计图表

    统计数据如下: {': 2451} 图形化后效果如下: 源码: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//E ...

  4. PreviewMouseLeftButtonDown 与 MouseLeftButtonDown

    现在有3个按钮,Button1,Button2,Button3,Button1包含Button2,Button2包含Button3,每个按钮都注册事件PreviewMouseLeftButtonDow ...

  5. Maven项目结合POI导出Excl表格Demo-亲测可用

    Maven项目结合POI导出Excl表格 一.POM文件添加依赖 <!-- https://mvnrepository.com/artifact/org.apache.poi/poi --> ...

  6. Myeclipse2013下载,安装,破解,介绍(CSDN首发)

    MyEclipse 2013新特性 根据官方最新消息,MyEclipse 2013已经正式发布!MyEclipse 2013支持HTML5.JQuery和主流的Javascript 库. 随着MyEc ...

  7. POI生成EXCEL文件(字体、样式、单元格合并、计算公式)

    创建一个封装类: package com.jason.excel; import java.io.FileNotFoundException; import java.io.FileOutputStr ...

  8. Python模块学习 --- urllib

    urllib模块提供的上层接口,使我们可以像读取本地文件一样读取www和ftp上的数据.每当使用这个模块的时候,老是会想起公司产品的客户端,同事用C++下载Web上的图片,那种“痛苦”的表情.我以前翻 ...

  9. 错误代码: 1066 Not unique table/alias: &#39;c&#39;

    1.错误描写叙述 1 queries executed, 0 success, 1 errors, 0 warnings 查询:SELECT (SELECT CONCAT( s.name, '/', ...

  10. Windows Store GIF player 诞生记

    在Win8上面,Image source切换的时候有bug.当我们短时间定时切换的时候,Image不能正常地显示对应的图片.Image控件又不支持GIF播放,所以GIF图片的播放就是一个非常头痛的问题 ...