Linux command
ipsumdump 命令
网络
复制后可按需替换文件名、目录或参数。
常用示例
Dump summary of packets
ipsumdump -r [capture.pcap]
Capture live traffic
sudo ipsumdump -i [eth0]
Extract source and destination IPs
ipsumdump -r [capture.pcap] --src --dst
Output timestamp, source, destination, and protocol
ipsumdump -r [capture.pcap] --timestamp --src --dst --proto
Filter packets
ipsumdump -r [capture.pcap] --filter '[tcp port 80]' --src --dst
Output in specific format
ipsumdump -r [capture.pcap] --src --sport --dst --dport --length
说明
ipsumdump summarizes network traffic by extracting and displaying selected fields from packet headers. It reads from pcap files or captures live traffic, producing compact text output suitable for further processing. The tool is designed for network analysis and measurement, producing ASCII output with one line per packet. It's particularly useful for creating datasets for analysis, generating aggregate statistics, or extracting specific packet fields.
参数
- -r _file_
- Read from pcap file
- -i _interface_
- Capture live traffic from interface
- --filter _expression_
- BPF filter expression
- --src
- Output source IP address
- --dst
- Output destination IP address
- --sport
- Output source port
- --dport
- Output destination port
- --proto
- Output IP protocol
- --timestamp
- Output packet timestamp
- --length
- Output packet length
- --payload
- Output payload data
- --no-promiscuous
- Don't set interface to promiscuous mode
- -o _file_
- Write output to file
FAQ
What is the ipsumdump command used for?
ipsumdump summarizes network traffic by extracting and displaying selected fields from packet headers. It reads from pcap files or captures live traffic, producing compact text output suitable for further processing. The tool is designed for network analysis and measurement, producing ASCII output with one line per packet. It's particularly useful for creating datasets for analysis, generating aggregate statistics, or extracting specific packet fields.
How do I run a basic ipsumdump example?
Run `ipsumdump -r [capture.pcap]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -r _file_ do in ipsumdump?
Read from pcap file