What is the use of the Linux packet capture command tcpdump?
The Linux packet capture command tcpdump is used to dump network transmission data. It can completely intercept the “header” of each data packet transmitted on the network for analysis. It supports filtering by network layer, protocol, host, network or port, and provides logical statements such as and, or, not to help you remove useless information.

The time it takes for the packet to pass from the physical line to the kernel, and the interrupt processing time the kernel spends on this packet, are not counted.

Command use

tcpdump adopts the command line mode, and its command format is:

tcpdump [ -AdDeflLnNOpqRStuUvxX ] [ -c count ] [ -C file_size ] [ -F file ] [ -i ] [ -m module ] [ -M secret ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ] [ -E spi@ipaddr algo:secret,… ] [ -y datalinktype ] [ -Z user ] [ expression ]

Introduction to simple options of tcpdump

-A Displays each data packet in ASCII code (the link layer header information in the data packet will not be displayed). When capturing data packets containing web page data, it is convenient to view…
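
The host and port filtering with and, or, not described above, together with the -i, -c, -s, -w and -r options from the command format, as an added example that is not part of the original page. The function names build_filter, run_capture and read_capture and the 192.0.2.x addresses are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: compose a tcpdump filter with and / or / not, then capture.
# Function names and the 192.0.2.x addresses are constructed for illustration.

# build_filter HOST SKIP_HOST PORT [PORT...]
# Matches traffic to or from HOST on any listed port, ignoring SKIP_HOST.
build_filter() {
    [ $# -ge 3 ] || { echo "usage: build_filter HOST SKIP_HOST PORT..." >&2; return 1; }
    host=$1 skip=$2
    shift 2
    # Accept only hostname/address characters so input cannot add filter terms.
    for h in "$host" "$skip"; do
        case $h in
            ''|*[!A-Za-z0-9.:_-]*) echo "invalid host: $h" >&2; return 1 ;;
        esac
    done
    ports=""
    for p in "$@"; do
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        ports="${ports:+$ports or }port $p"
    done
    # "and" and "or" have equal precedence and associate left to right, so
    # without parentheses "host H and port 80 or port 443" would also match
    # port 443 traffic of every other host.
    printf '%s\n' "host $host and ($ports) and not host $skip"
}

# run_capture IFACE OUTFILE FILTER
# -n: no name lookups, -c: stop after 1000 packets, -s 96: keep only the
# first 96 bytes of each packet (the headers), -w: write raw packets to
# OUTFILE. Capturing normally requires root.
run_capture() {
    tcpdump -n -i "$1" -c 1000 -s 96 -w "$2" "$3"
}

# read_capture OUTFILE [FILTER]: replay a saved file, optionally re-filtered.
read_capture() {
    tcpdump -n -r "$1" ${2:+"$2"}
}

# Print the filter for a constructed case: web traffic of 192.0.2.10,
# ignoring a monitoring host at 192.0.2.53.
build_filter 192.0.2.10 192.0.2.53 80 443
```

The filter is passed to tcpdump as a single quoted argument so the shell does not interpret the parentheses.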