前台命令
sudo tcpdump -i eth0 tcp and port 6379 -n -nn -s0 -tttt -w redis.cap
后台命令
sudo tcpdump -i eth0 -n -nn -s0 -C50 -W 400 tcp and port 6379 -Z root &
启动抓包
$ ./redis-cli -h xxx -p 6379 -a xxx
set abc12345abcd kkkkkkkkkkkk
del abc12345abcd
del abc12345abcd
结果包,报文内容已经被解析了可以直接观察key值,处理问题很方便
IP Client > Server: Flags [.], ack 9200, win 372, options [nop,nop,TS val 436096603 ecr 3408210638], length 0
IP Client > Server: Flags [P.], seq 53:104, ack 9200, win 372, options [nop,nop,TS val 436107785 ecr 3408210638], length 51: RESP "set" "abc12345abcd" "kkkkkkkkkkkk"
IP Server > Client: Flags [.], ack 104, win 171, options [nop,nop,TS val 3408221821 ecr 436107785], length 0
IP Server > Client: Flags [P.], seq 9200:9205, ack 104, win 171, options [nop,nop,TS val 3408221821 ecr 436107785], length 5: RESP "OK"
IP Client > Server: Flags [.], ack 9205, win 372, options [nop,nop,TS val 436107827 ecr 3408221821], length 0
IP Client > Server: Flags [P.], seq 104:136, ack 9205, win 372, options [nop,nop,TS val 436112554 ecr 3408221821], length 32: RESP "del" "abc12345abcd"
IP Server > Client: Flags [.], ack 136, win 171, options [nop,nop,TS val 3408226590 ecr 436112554], length 0
IP Server > Client: Flags [P.], seq 9205:9209, ack 136, win 171, options [nop,nop,TS val 3408226591 ecr 436112554], length 4: RESP "1"
IP Client > Server: Flags [.], ack 9209, win 372, options [nop,nop,TS val 436112556 ecr 3408226591], length 0
IP Client > Server: Flags [P.], seq 136:168, ack 9209, win 372, options [nop,nop,TS val 436113234 ecr 3408226591], length 32: RESP "del" "abc12345abcd"
IP Server > Client: Flags [.], ack 168, win 171, options [nop,nop,TS val 3408227270 ecr 436113234], length 0
IP Server > Client: Flags [P.], seq 9209:9213, ack 168, win 171, options [nop,nop,TS val 3408227271 ecr 436113234], length 4: RESP "0"
redis网络协议