Aşağıdaki tcpdump komutunu kullanıyorum:
tcpdump -w net75.out -s 0 host 65.207.95.222
Tek bir ana bilgisayardaki filtreyi aşağıdaki alt ağdaki tüm adresler olarak değiştirmek istiyorum:
65.192.0.0/10
Bunu yapmak için bir tcpdump filtresinin nasıl belirtileceğini çözemedim.
Tavsiye lütfen.
Yanıtlar:
Bunu yerine dene.
tcpdump -w net75.out -s 0 net 65.192.0.0/10
dst net net
True if the IPv4/v6 destination address of the packet has a net-
work number of net. Net may be either a name from the networks
database (/etc/networks, etc.) or a network number. An IPv4
network number can be written as a dotted quad (e.g.,
192.168.1.0), dotted triple (e.g., 192.168.1), dotted pair (e.g,
172.16), or single number (e.g., 10); the netmask is
255.255.255.255 for a dotted quad (which means that it's really
a host match), 255.255.255.0 for a dotted triple, 255.255.0.0
for a dotted pair, or 255.0.0.0 for a single number. An IPv6
network number must be written out fully; the netmask is
ff:ff:ff:ff:ff:ff:ff:ff, so IPv6 "network" matches are really
always host matches, and a network match requires a netmask
length.
src net net
True if the IPv4/v6 source address of the packet has a network
number of net.
net net
True if either the IPv4/v6 source or destination address of the
packet has a network number of net.
net net mask netmask
True if the IPv4 address matches net with the specific netmask.
May be qualified with src or dst. Note that this syntax is not
valid for IPv6 net.
net net/len
True if the IPv4/v6 address matches net with a netmask len bits
wide. May be qualified with src or dst.