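Capturing packets with the snoop command on Solaris

(1) Packet capture

Solaris ships with the snoop packet capture tool, so a capture only requires running the appropriate command.

Capture packets whose destination address is 10.8.3.250 and save them to the file /opt/cap250. Note that snoop's host filter matches the address as either source or destination, so packets sent from 10.8.3.250 are captured as well.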

snoop -o /opt/cap250 host 10.8.3.250

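(2) Downloading the capture

Method 1: Use the scp command to transfer the test.cap file under / on the current device to the /mnt/hfs1 directory on the device with IP 10.8.12.90.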

-bash-3.2# scp /test.cap root@10.8.12.90:/mnt/hfs1/test.cap
The authenticity of host '10.8.12.90 (10.8.12.90)' can't be established.
RSA key fingerprint is ed:d6:cc:15:2b:15:c2:af:0f:c2:b0:4d:44:08:09:ca.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.8.12.90' (RSA) to the list of known hosts.
root@10.8.12.90's password: 
test.cap             100% |************************************************************************| 18320       00:00   

Method 2: Use SSH Secure File Transfer Client to download the file to the local machine.
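
To check what a file written by snoop -o contains once it has been transferred (for example on a machine that has no snoop), the following added example, which is not part of the original post, parses the snoop capture format described in RFC 1761 and counts IPv4 packets going to and coming from 10.8.3.250. The capture bytes are constructed inline, and the function names and the use of 10.8.12.90 as the peer address are assumptions made for the illustration.

```python
import socket
import struct

SNOOP_MAGIC = b"snoop\x00\x00\x00"   # RFC 1761 identification pattern
DLT_ETHERNET = 4                      # RFC 1761 datalink type for Ethernet

def parse_snoop(buf):
    """Yield (orig_len, frame_bytes) for each record of an RFC 1761 capture."""
    if len(buf) < 16 or buf[:8] != SNOOP_MAGIC:
        raise ValueError("not a snoop capture file")
    version, linktype = struct.unpack(">II", buf[8:16])
    if version != 2 or linktype != DLT_ETHERNET:
        raise ValueError("unsupported version or datalink type")
    off = 16
    while off < len(buf):
        if off + 24 > len(buf):
            raise ValueError("truncated record header")
        orig, incl, reclen, _drops, _sec, _usec = struct.unpack(">6I", buf[off:off + 24])
        if reclen < 24 + incl or off + reclen > len(buf):  # header+data must fit in file
            raise ValueError("corrupt record length")
        yield orig, buf[off + 24:off + 24 + incl]
        off += reclen  # record length includes the padding to a 4-byte boundary

def direction_counts(buf, addr):
    """Count IPv4 frames with addr as destination ('to') or source ('from')."""
    want = socket.inet_aton(addr)
    counts = {"to": 0, "from": 0, "other": 0}
    for _orig, frame in parse_snoop(buf):
        # Ethernet II, no VLAN tag: ethertype at 12..14, IPv4 src/dst at 26..34
        key = "other"
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00":
            if frame[30:34] == want:
                key = "to"
            elif frame[26:30] == want:
                key = "from"
        counts[key] += 1
    return counts

def make_record(src, dst):
    """Constructed sample: one minimal Ethernet+IPv4 frame wrapped in a snoop record."""
    ip = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 6, 0, 0]) + socket.inet_aton(src) + socket.inet_aton(dst)
    frame = b"\x00" * 12 + b"\x08\x00" + ip
    pad = -len(frame) % 4
    hdr = struct.pack(">6I", len(frame), len(frame), 24 + len(frame) + pad, 0, 0, 0)
    return hdr + frame + b"\x00" * pad

PEER, HOST = "10.8.12.90", "10.8.3.250"   # constructed sample flow, not real traffic
SAMPLE = SNOOP_MAGIC + struct.pack(">II", 2, DLT_ETHERNET) + b"".join(
    make_record(s, d) for s, d in [(PEER, HOST), (HOST, PEER), (PEER, HOST)])
```

On a real capture, read the transferred file in binary mode and pass its bytes to direction_counts in place of SAMPLE. A non-zero "from" count confirms that the host filter recorded both directions.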

Original article: https://www.cnblogs.com/lujingxia/p/10765394.html