tcpdump用法
-i eth0 表示网卡
-A 表示转为ascii码
-n 表示不要转域名,用ip就好
host 后面加IP地址
查看nginx是长连接还是短连接:
[root@nginx01 ~]# tcpdump -i eth0 -A host 192.168.156.44 -n | grep HTTP
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
.oJ&...ePOST /v2/story/comic/xxx/top HTTP/1.1
...}.oJ&HTTP/1.1 200 OK
.oN.....POST /v1/story/xxx HTTP/1.1
.....oN.HTTP/1.1 200 OK
.oN....:POST /v1/story/xxx HTTP/1.1
...[.oN.HTTP/1.1 200 OK
.oR....BPOST /v2/story/comic/xxx/top HTTP/1.1
.oS....MPOST /v1/story/xxx HTTP/1.1
...`.oR.HTTP/1.1 200 OK
结果:
HTTP/1.1 实锤