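Mobile packet capture tools (packet capture tools)
The items marked in red are the more important ones. Read through the source code of these tools.
iperf: network performance testing tool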
https://iperf.fr/iperf-doc.php
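-t: specifies the listening time (s)
-i: specifies the print interval (s)
The default TCP window size is 128 KB.
Listen for 30 s, printing once every 2 s.
-w: specifies the TCP window size
Change the window size and see what happens:
-n: how much data to send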
-m: --print_mss
tcpdump
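In the flags, C stands for cache.
tcpdump protocol filtering:
tcpdump has three logical operators: negation is written not or !, AND is written and or &&, and OR is written or or ||.
Using and, &&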
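The three operators combined in one filter, as an added example that is not part of the original page. The interface ens33 and the address 192.168.1.6 come from the output further down; excluding port 22 (your own SSH session) and the helper names are assumptions.

```shell
# Added example (not from the original page): one tcpdump filter using
# not / and / or, shown in keyword form and in symbol form.
# Negation binds tightest; "and" and "or" have equal precedence and group
# left to right, so the parentheses around the protocol list are required.

# build_filter HOST PORT -> filter text in keyword form (hypothetical helper)
build_filter() {
    printf '(arp or icmp or tcp) and host %s and not port %s' "$1" "$2"
}

# to_symbols: rewrite the keyword operators as !, && and || (same meaning)
to_symbols() {
    sed -e 's/ and not / \&\& ! /g' -e 's/ and / \&\& /g' -e 's/ or / || /g'
}

# capture IFACE COUNT FILTER: the filter travels as ONE quoted argument, so the
# shell never interprets &&, ||, ! or the parentheses as its own syntax.
capture() {
    tcpdump -i "$1" -nn -c "$2" "$3"
}

FILTER=$(build_filter 192.168.1.6 22)
echo "keyword form: $FILTER"
echo "symbol form:  $(printf '%s' "$FILTER" | to_symbols)"
# To capture 20 matching packets (needs root): capture ens33 20 "$FILTER"
```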
arp
ethtool
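ethtool ens33: query basic information about the network port, including speed, duplex, and auto-negotiation.
In the output below, Link detected: yes means a network cable is connected to this port.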
root@hy-virtual-machine:~# ethtool ens33
Settings for ens33:
Supported ports: [ TP ]
// supported modes
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes // auto-negotiation supported
Supported FEC modes: Not reported
// advertised modes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes // auto-negotiation in use
Advertised FEC modes: Not reported
Speed: 1000Mb/s // current speed 1000Mb/s
Duplex: Full // operating mode is full duplex
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on // auto-negotiation enabled
MDI-X: off (auto)
Supports Wake-on: d
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes // a network cable is connected to the port
ethtool -i ens33: query NIC driver information
ethtool -d ens33: query network device register information
root@hy-virtual-machine:~# ethtool -d ens33
MAC Registers
-------------
0x00000: CTRL (Device control register) 0x00C00249 // control register
Endian mode (buffers): little
Link reset: reset
Set link up: 1
Invert Loss-Of-Signal: no
Receive flow control: disabled
Transmit flow control: disabled
VLAN mode: disabled
Auto speed detect: disabled
Speed select: 1000Mb/s
Force speed: no
Force duplex: no
0x00008: STATUS (Device status register) 0x0000CB83 // status register
Duplex: full
Link up: link config
TBI mode: disabled
Link speed: 1000Mb/s
Bus type: PCI
Bus speed: 66MHz
Bus width: 32-bit
0x00100: RCTL (Receive control register) 0x00008002 // receive control register
Receiver: enabled
Store bad packets: disabled
UNICast promiscuous: disabled
Multicast promiscuous: disabled
Long packet: disabled
Descriptor minimum threshold size: 1/2
Broadcast accept mode: accept
VLAN filter: disabled
Canonical form indicator: disabled
Discard pause frames: filtered
Pass MAC control frames: dont pass
Receive buffer size: 2048
0x02808: RDLEN (Receive desc length) 0x00001000
0x02810: RDH (Receive desc head) 0x00000092
0x02818: RDT (Receive desc tail) 0x00000090
0x02820: RDTR (Receive delay timer) 0x00000000
0x00400: TCTL (Transmit ctrl register) 0x0103F0FA
Transmitter: enabled
Pad short packets: enabled
Software XOFF Transmission: disabled
Re-transmit on late collision: enabled
0x03808: TDLEN (Transmit desc length) 0x00001000
0x03810: TDH (Transmit desc head) 0x00000027
0x03818: TDT (Transmit desc tail) 0x00000027
0x03820: TIDV (Transmit delay timer) 0x00000008
PHY type: M88
M88 PHY STATUS REGISTER: 0x0000AC00
Jabber: no
Polarity: normal
Downshifted: no
MDI/MDIX: MDI
Cable Length Estimate: 0-50 meters
Link State: Up
Speed & Duplex Resolved: Yes
Page Received: No
Duplex: Full
Speed: 1000 mbps
M88 PHY CONTROL REGISTER: 0x00000B68
Jabber function: enabled
Auto-polarity: disabled
SQE Test: disabled
CLK125: enabled
Auto-MDIX: auto
Extended 10Base-T Distance: disabled
100Base-TX Interface: 5-bit
Scrambler: disabled
Force Link Good: disabled
Assert CRS on Transmit: enabled
ethtool -S ens33: query the port's packet send/receive statistics
root@hy-virtual-machine:~# ethtool -S ens33
NIC statistics:
rx_packets: 348285
tx_packets: 167633
rx_bytes: 295334312
tx_bytes: 29736337
rx_broadcast: 0
tx_broadcast: 0
rx_multicast: 0
tx_multicast: 0
rx_errors: 0
tx_errors: 0
tx_dropped: 0
multicast: 0
collisions: 0
rx_length_errors: 0
rx_over_errors: 0
rx_crc_errors: 0
rx_frame_errors: 0
rx_no_buffer_count: 0
rx_missed_errors: 0
tx_aborted_errors: 0
tx_carrier_errors: 0
tx_fifo_errors: 0
tx_heartbeat_errors: 0
tx_window_errors: 0
tx_abort_late_coll: 0
tx_deferred_ok: 0
tx_single_coll_ok: 0
tx_multi_coll_ok: 0
tx_timeout_count: 0
tx_restart_queue: 0
rx_long_length_errors: 0
rx_short_length_errors: 0
rx_align_errors: 0
tx_tcp_seg_good: 1390
tx_tcp_seg_failed: 0
rx_flow_control_xon: 0
rx_flow_control_xoff: 0
tx_flow_control_xon: 0
tx_flow_control_xoff: 0
rx_long_byte_count: 295334312
rx_csum_offload_good: 261684
rx_csum_offload_errors: 1
alloc_rx_buff_failed: 0
tx_smbus: 0
rx_smbus: 0
dropped_smbus: 0
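Most of the counters above are zero, so the one that is not is easy to miss. The following added example (not from the original page) filters `ethtool -S` output down to fault counters that are non-zero, and compares two snapshots because the counters are cumulative. The function names, the name pattern and the second snapshot are assumptions; SAMPLE is abridged from the output above.

```shell
# Added example (not from the original page). Counter names that suggest a
# fault; this pattern is an assumption, extend it for your driver.
FAULT_RE='(err|drop|fail|miss|coll|abort|timeout|no_buffer)'

# nonzero_error_counters: read `ethtool -S` output on stdin and print
# "name value" for every fault counter whose value is above zero.
nonzero_error_counters() {
    awk -F': *' -v re="$FAULT_RE" '
        /^[ \t]*[A-Za-z0-9_]+:[ \t]*[0-9]+[ \t]*$/ {
            name = $1; gsub(/[ \t]/, "", name)
            if (name ~ re && $2 + 0 > 0) print name, $2 + 0
        }'
}

# error_counter_deltas BEFORE AFTER: both arguments are files holding
# `ethtool -S` output; print "name +N" for fault counters that grew.
error_counter_deltas() {
    awk -F': *' -v re="$FAULT_RE" '
        /^[ \t]*[A-Za-z0-9_]+:[ \t]*[0-9]+[ \t]*$/ {
            name = $1; gsub(/[ \t]/, "", name)
            if (name !~ re) next
            if (NR == FNR) before[name] = $2 + 0
            else if ($2 + 0 > before[name]) print name, "+" ($2 + 0 - before[name])
        }' "$1" "$2"
}

# Abridged from the ethtool -S output shown on this page.
SAMPLE='NIC statistics:
     rx_packets: 348285
     rx_errors: 0
     tx_dropped: 0
     rx_missed_errors: 0
     rx_csum_offload_good: 261684
     rx_csum_offload_errors: 1
     alloc_rx_buff_failed: 0'

printf '%s\n' "$SAMPLE" | nonzero_error_counters
# Live use: ethtool -S ens33 | nonzero_error_counters
```

A single non-zero value may date from long ago; take two snapshots a few minutes apart and pass them to `error_counter_deltas` to see which counters are still rising.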
ethtool -s ens33 autoneg off speed 100 duplex full: set the port's operating speed, duplex, and auto-negotiation
root@hy-virtual-machine:~# ethtool -s ens33 autoneg off speed 100 duplex full
root@hy-virtual-machine:~# ethtool ens33
Settings for ens33:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: Not reported
Advertised pause frame use: No
Advertised auto-negotiation: No
Advertised FEC modes: Not reported
Speed: 100Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: off
MDI-X: off (auto)
Supports Wake-on: d
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes
ip command
ip -s link ls ens33: view the port's packet send/receive information
root@hy-virtual-machine:~# ip -s link ls ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:59:dd:f5 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
294140472 351070 0 16228 0 0
TX: bytes packets errors dropped carrier collsns
29853978 168800 0 0 0 0
ip link show: view Layer 2 information for the ports
root@hy-virtual-machine:~# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:59:dd:f5 brd ff:ff:ff:ff:ff:ff
ip addr show: view Layer 2 and Layer 3 information for the ports
root@hy-virtual-machine:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:59:dd:f5 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.6/24 brd 192.168.1.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 2409:8a4d:c52:60e0:d04:f582:6766:6078/64 scope global temporary dynamic
valid_lft 258924sec preferred_lft 82304sec
inet6 2409:8a4d:c52:60e0:9cb5:72a9:1d3f:a4d3/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 258924sec preferred_lft 172524sec
inet6 fe80::cfbd:7121:57cc:56f4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
nmap: important
root@hy-virtual-machine:~# nmap -v localhost
Starting Nmap 7.80 ( https://nmap.org ) at 2020-06-01 21:27 CST
Initiating SYN Stealth Scan at 21:27
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 139/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 445/tcp on 127.0.0.1
Discovered open port 631/tcp on 127.0.0.1
Completed SYN Stealth Scan at 21:27, 0.08s elapsed (1000 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000090s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
Raw packets sent: 1000 (44.000KB) | Rcvd: 2004 (84.176KB)
nslookup:
Domain name resolution
root@hy-virtual-machine:~# nslookup www.baidu.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 36.152.44.96
Name: www.a.shifen.com
Address: 36.152.44.95
Name: www.a.shifen.com
Address: ::1