Wireshark
William Zhang edited this page Oct 22, 2016 · 1 revision
Wireshark has a GUI on both Windows and Linux. It is convenient for capturing and decoding network packets, especially application protocols. It also supports a command-line interface named tshark. Here are some examples.
$ sudo tshark -i bond0 -f 'tcp port 3306'   # Capture TCP port 3306 (MySQL); add -V for more verbose output.
$ sudo tshark -i bond0 -f 'tcp port 3306' -w tshark.txt   # Same capture, written to the file tshark.txt (raw packets in capture format, not text).
$ sudo tshark -r tshark.txt -d tcp.port==3306,mysql -V   # Read the file back and decode port 3306 as the MySQL protocol.
Created by Wenliang Zhang.
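
What the `-d tcp.port==3306,mysql` decode recovers from the payload, shown as an added Python example (not part of the original page and not Wireshark's code): it walks the MySQL packet framing and pulls out the SQL text, which is readable whenever the connection is not wrapped in TLS. It assumes one direction (client to server) of an unencrypted, uncompressed stream with classic COM_QUERY framing and no packets split at the 16 MB limit; the function names and sample bytes are constructed for illustration.

```python
COM_QUERY = 0x03  # command byte for a text-protocol SQL statement
COM_PING = 0x0E   # command byte for a keep-alive ping


def mysql_packets(stream: bytes):
    """Yield (sequence_id, payload) for each complete MySQL packet.

    Header layout: 3-byte little-endian payload length, 1-byte sequence id.
    """
    offset = 0
    while offset + 4 <= len(stream):
        length = int.from_bytes(stream[offset:offset + 3], "little")
        seq = stream[offset + 3]
        end = offset + 4 + length
        if end > len(stream):
            break  # capture stopped mid-packet; ignore the partial tail
        yield seq, stream[offset + 4:end]
        offset = end


def extract_queries(stream: bytes):
    """Return the SQL text of every COM_QUERY found in the stream."""
    queries = []
    for seq, payload in mysql_packets(stream):
        # A new client command starts at sequence id 0.
        if seq == 0 and payload[:1] == bytes([COM_QUERY]):
            queries.append(payload[1:].decode("utf-8", errors="replace"))
    return queries


def build_packet(seq: int, payload: bytes) -> bytes:
    """Helper used only to construct the sample stream below."""
    return len(payload).to_bytes(3, "little") + bytes([seq]) + payload


# Constructed client-to-server bytes: two queries, a ping, a truncated tail.
SAMPLE = (
    build_packet(0, bytes([COM_QUERY]) + b"SELECT user, host FROM mysql.user")
    + build_packet(0, bytes([COM_PING]))
    + build_packet(0, bytes([COM_QUERY]) + b"SHOW DATABASES")
    + b"\x10\x00\x00\x00\x03SEL"  # header claims 16 bytes, only 4 captured
)

if __name__ == "__main__":
    for sql in extract_queries(SAMPLE):
        print(sql)
```
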