Linux command
netsniff-ng 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Capture packets
netsniff-ng -i [eth0] -o [capture.pcap]
Read pcap file
netsniff-ng -i [capture.pcap]
Filter packets
netsniff-ng -i [eth0] -f "[tcp port 80]"
High-speed capture
netsniff-ng -i [eth0] --ring-size [64MB] -o [capture.pcap]
Show packet details
netsniff-ng -i [eth0] -V
Capture to directory
netsniff-ng -i [eth0] -P [output/]
说明
netsniff-ng is a high-performance packet sniffer. It uses zero-copy mechanisms for speed. The tool captures at line rate. Supports BPF filtering and pcap output.
参数
- -i _INPUT_
- Input interface or file.
- -o _OUTPUT_
- Output file.
- -f _FILTER_
- BPF filter expression.
- --ring-size _SIZE_
- Ring buffer size.
- -V
- Verbose packet display.
- -P _DIR_
- Output directory.
- --help
- Display help information.
FAQ
What is the netsniff-ng command used for?
netsniff-ng is a high-performance packet sniffer. It uses zero-copy mechanisms for speed. The tool captures at line rate. Supports BPF filtering and pcap output.
How do I run a basic netsniff-ng example?
Run `netsniff-ng -i [eth0] -o [capture.pcap]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -i _INPUT_ do in netsniff-ng?
Input interface or file.