Linux command
ipaggcreate command
Networking
Involves pipes, overwriting, or deletion; confirm paths and arguments before running.
Common examples
Aggregate IP addresses from a dump file
ipaggcreate [input.dump] > [output.agg]
Create aggregates from pcap file
ipaggcreate -r [capture.pcap] > [output.agg]
Aggregate by source IP address
ipaggcreate --src [input.dump]
Aggregate by destination IP address
ipaggcreate --dst [input.dump]
Aggregate by TCP/UDP flows
ipaggcreate --flows -r [capture.pcap]
Count bytes instead of packets
ipaggcreate --bytes [input.dump]
Description
ipaggcreate reads IP packets from one or more data sources, maps each packet to a label (such as source address, destination address, or flow), and outputs an aggregate file reporting the number of packets or bytes observed per label. This tool is part of the ipsumdump package and works in conjunction with ipsumdump and ipaggmanip for network traffic analysis and summarization.
Options
- -r, --tcpdump _FILE_: Read from one or more tcpdump/pcap files
- -s, --src: Label by IP source address
- -d, --dst: Label by IP destination address (default)
- --flows: Label by TCP or UDP flow
- --address-pairs: Label by address pair
- --packets: Count packets per label (default)
- -B, --bytes: Count bytes per label (IP and transport headers included, link headers excluded)
- -o, --output _FILE_: Write output to file instead of stdout
- -f, --filter _FILTER_: Include only packets matching a tcpdump filter expression
- -b, --binary: Write summary in binary format
- -A, --anonymize: Anonymize IP addresses in output
- -t, --interval _TIME_: Stop after recording aggregate data for specified duration
- -q, --quiet: Suppress progress bar output
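The labelling and counting options above, as an added Python illustration (not ipaggcreate's own code or output format): it maps each packet of a small constructed pcap to a src, dst or flow label and totals packets or bytes per label. The function names, the sample traffic, and the directional 5-tuple used as the flow label are assumptions of this example.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

def build_pcap(packets):
    """Constructed sample input: an in-memory pcap of UDP/IPv4/Ethernet frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, sport, dport, payload_len in packets:
        udp = struct.pack("!HHHH", sport, dport, 8 + payload_len, 0) + bytes(payload_len)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                         IPv4Address(src).packed, IPv4Address(dst).packed)
        frame = bytes(12) + b"\x08\x00" + ip + udp  # zeroed MACs, EtherType IPv4
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

def aggregate(pcap, label="dst", count="packets"):
    """Total packets or bytes per label; bytes = IP total length, link header excluded."""
    if struct.unpack_from("<I", pcap)[0] != 0xA1B2C3D4:
        raise ValueError("expected a little-endian classic pcap")
    totals, off = Counter(), 24  # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16 : off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4
        ip = frame[14:]
        ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
        src, dst = str(IPv4Address(ip[12:16])), str(IPv4Address(ip[16:20]))
        if label in ("src", "dst"):
            key = src if label == "src" else dst
        elif label == "flows":
            if proto not in (6, 17) or len(ip) < ihl + 4:
                continue  # only TCP/UDP packets carry ports
            key = (src, dst, proto) + struct.unpack_from("!HH", ip, ihl)
        else:
            raise ValueError(f"unknown label: {label}")
        totals[key] += struct.unpack_from("!H", ip, 2)[0] if count == "bytes" else 1
    return totals

SAMPLE = build_pcap([  # constructed traffic, not from a real capture
    ("10.0.0.1", "10.0.0.9", 40000, 53, 30),
    ("10.0.0.1", "10.0.0.9", 40000, 53, 50),
    ("10.0.0.2", "10.0.0.9", 40001, 53, 10),
    ("10.0.0.9", "10.0.0.1", 53, 40000, 100),
])

for mode in ("dst", "src", "flows"):
    print(mode, dict(aggregate(SAMPLE, mode, "bytes")))
```

Switching the label changes which hosts stand out: by destination the resolver at 10.0.0.9 dominates, while by source and bytes its single large reply is nearly as heavy as both queries from 10.0.0.1 combined.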
FAQ
What is the ipaggcreate command used for?
ipaggcreate reads IP packets from one or more data sources, maps each packet to a label (such as source address, destination address, or flow), and outputs an aggregate file reporting the number of packets or bytes observed per label. This tool is part of the ipsumdump package and works in conjunction with ipsumdump and ipaggmanip for network traffic analysis and summarization.
How do I run a basic ipaggcreate example?
Run `ipaggcreate [input.dump] > [output.agg]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -r, --tcpdump _FILE_ do in ipaggcreate?
Read from one or more tcpdump/pcap files