• tcpdump抓包


    tcpdump是linux下的一个抓包工具,作用主要有

    1.过滤物理口

    2.过滤某个port/ip/mac

    3.过滤协议

    4.显示ip/mac/port不解析等

    过滤某个物理口(网卡)

    # 抓取eth0网卡的数据包
    tcpdump -i eth0
    

    过滤ip

    # 抓取所有经过eth0,目的或源地址是192.168.1.12的数据包
    tcpdump -i eth0 host 192.168.0.1
    
    # 抓取所有经过eth0,源地址是192.168.1.12的数据包
    tcpdump -i eth0 src host 192.168.0.1
    
    # 抓取所有经过eth0,目的地址是192.168.1.12的数据包
    tcpdump -i eth0 dst host 192.168.0.1
    
    # 过滤网段
    tcpdump -i eth0 net 192.168
    tcpdump -i eth0 src net 192.168
    tcpdump -i eth0 dst net 192.168
    

    过滤port

    # 抓取所有经过eth0,目的端口是25的数据包
    tcpdump -i eth0 port 25
    
    # 过滤端口范围
    tcpdump portrange 22-125
    
    # 源端口
    tcpdump -i eth0 src port 25
    
    # 目的端口
    tcpdump -i eth0 dst port 25
    
    # 过滤8000端口的ip为192.168.1.2的数据包(可以使用逻辑表达式)
    tcpdump port 8000 and src host 192.168.1.2
    

    过滤协议

    # 过滤ssh协议
    tcpdump -i eth0 ssh
    

    常用表达式

    非: !/not
    且: &&/and
    或: ||/or
    
    # 过滤非22端口
    tcpdump -i eth0 ! port 22
    

    实操

    查看参数

    tcpdump -h
    
    tcpdump version 4.5.1
    libpcap version 1.5.3
    Usage: tcpdump [-aAbdDefhHIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
    		[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
    		[ -i interface ] [ -j tstamptype ] [ -M secret ]
    		[ -P in|out|inout ]
    		[ -r file ] [ -s snaplen ] [ -T type ] [ -V file ] [ -w file ]
    		[ -W filecount ] [ -y datalinktype ] [ -z command ]
    		[ -Z user ] [ expression ]
    

    抓包

    tcpdump -i eth0 -s 0 -w a.cap
    

    其中:-s 0 表示包有多大,抓取的数据就有多大;-w a.cap表示存取到a.cap中

    另开一个窗口ping 8.8.8.8几秒后停止抓包,查看tcpdump的窗口

    ➜  /tmp tcpdump -i eth0 -s 0 -w a.cap
    tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
    
    
    
    
    
    
    ^C2286 packets captured
    2287 packets received by filter
    0 packets dropped by kernel
    

    查看包内容

    tcpdump -r a.cap
    
    22:43:23.135308 IP api0 > 169.254.128.5: ICMP echo reply, id 43468, seq 46081, length 8
    22:43:23.176861 IP 1.179.182.186.51375 > api0.ssh: Flags [P.], seq 1:21, ack 22, win 229, options [nop,nop,TS val 139484218 ecr 2378495695], length 20
    22:43:23.176926 IP api0.ssh > 1.179.182.186.51375: Flags [.], ack 21, win 227, options [nop,nop,TS val 2378496014 ecr 139484218], length 0
    22:43:23.178535 IP api0.ssh > 1.179.182.186.51375: Flags [P.], seq 22:1302, ack 21, win 227, options [nop,nop,TS val 2378496016 ecr 139484218], length 1280
    22:43:23.495132 IP 1.179.182.186.51375 > api0.ssh: Flags [P.], seq 21:173, ack 1302, win 251, options [nop,nop,TS val 139484297 ecr 2378496016], length 152
    22:43:23.534485 IP api0.ssh > 1.179.182.186.51375: Flags [.], ack 173, win 235, options [nop,nop,TS val 2378496372 ecr 139484297], length 0
    22:43:23.847482 IP 1.179.182.186.51375 > api0.ssh: Flags [P.], seq 173:317, ack 1302, win 251, options [nop,nop,TS val 139484385 ecr 2378496372], length 144
    22:43:23.847524 IP api0.ssh > 1.179.182.186.51375: Flags [.], ack 317, win 243, options [nop,nop,TS val 2378496685 ecr 139484385], length 0
    22:43:23.848928 IP api0.ssh > 1.179.182.186.51375: Flags [P.], seq 1302:2022, ack 317, win 243, options [nop,nop,TS val 2378496686 ecr 139484385], length 720
    22:43:23.923096 IP 169.254.128.4 > api0: ICMP echo request, id 22900, seq 25224, length 8
    22:43:23.923159 IP api0 > 169.254.128.4: ICMP echo reply, id 22900, seq 25224, length 8
    22:43:24.174467 IP 1.179.182.186.51375 > api0.ssh: Flags [P.], seq 317:333, ack 2022, win 271, options [nop,nop,TS val 139484465 ecr 2378496686], length 16
    22:43:24.214284 IP api0.ssh > 1.179.182.186.51375: Flags [.], ack 333, win 243, options [nop,nop,TS val 2378497052 ecr 139484465], length 0
    22:43:24.528689 IP 1.179.182.186.51375 > api0.ssh: Flags [P.], seq 333:385, ack 2022, win 271, options [nop,nop,TS val 139484554 ecr 2378497052], length 52
    22:43:24.528727 IP api0.ssh > 1.179.182.186.51375: Flags [.], ack 385, win 243, options [nop,nop,TS val 2378497366 ecr 139484554], length 0
    22:43:24.528840 IP api0.ssh > 1.179.182.186.51375: Flags [P.], seq 2022:2074, ack 385, win 243, options [nop,nop,TS val 2378497366 ecr 139484554], length 52
    22:43:24.836138 IP 1.179.182.186.51375 > api0.ssh: Flags [P.], seq 385:469, ack 2074, win 271, options [nop,nop,TS val 139484632 ecr 2378497366], length 84
    22:43:24.875235 IP api0.ssh > 1.179.182.186.51375: Flags [.], ack 469, win 243, options [nop,nop,TS val 2378497713 ecr 139484632], length 0
    22:43:26.037618 IP api0.57550 > 169.254.0.4.http: Flags [S], seq 2025128073, win 29200, options [mss 1460,sackOK,TS val 2378498875 ecr 0,nop,wscale 7], length 0
    22:43:26.039078 IP 169.254.0.4.http > api0.57550: Flags [S.], seq 2435664468, ack 2025128074, win 14600, options [mss 1424,nop,nop,sackOK,nop,wscale 1], length 0
    22:43:26.039107 IP api0.57550 > 169.254.0.4.http: Flags [.], ack 1, win 229, length 0
    22:43:26.039158 IP api0.57550 > 169.254.0.4.http: Flags [P.], seq 1:182, ack 1, win 229, length 181
    22:43:26.040456 IP 169.254.0.4.http > api0.57550: Flags [.], ack 182, win 7836, length 0
    22:43:26.040468 IP api0.57550 > 169.254.0.4.http: Flags [P.], seq 182:558, ack 1, win 229, length 376
    22:43:26.041756 IP 169.254.0.4.http > api0.57550: Flags [.], ack 558, win 8372, length 0
    22:43:26.041853 IP 169.254.0.4.http > api0.57550: Flags [P.], seq 1:129, ack 558, win 8372, length 128
    22:43:26.041860 IP api0.57550 > 169.254.0.4.http: Flags [.], ack 129, win 237, length 0
    22:43:26.041871 IP 169.254.0.4.http > api0.57550: Flags [F.], seq 129, ack 558, win 8372, length 0
    22:43:26.042130 IP api0.57550 > 169.254.0.4.http: Flags [F.], seq 558, ack 130, win 237, length 0
    22:43:26.043461 IP 169.254.0.4.http > api0.57550: Flags [.], ack 559, win 8372, length 0
    22:43:26.152907 IP 169.254.128.5 > api0: ICMP echo request, id 43486, seq 46099, length 8
    22:43:26.152944 IP api0 > 169.254.128.5: ICMP echo reply, id 43486, seq 46099, length 8
    22:43:26.894580 IP api0.ssh > 1.179.182.186.51375: Flags [P.], seq 2074:2158, ack 469, win 243, options [nop,nop,TS val 2378499732 ecr 139484632], length 84
    22:43:26.941364 IP 169.254.128.4 > api0: ICMP echo request, id 22923, seq 25247, length 8
    22:43:26.941411 IP api0 > 169.254.128.4: ICMP echo reply, id 22923, seq 25247, length 8
    22:43:27.209987 IP 1.179.182.186.51375 > api0.ssh: Flags [P.], seq 469:521, ack 2158, win 271, options [nop,nop,TS val 139485225 ecr 2378499732], length 52
    22:43:27.210043 IP api0.ssh > 1.179.182.186.51375: Flags [.], ack 521, win 243, options [nop,nop,TS val 2378500047 ecr 139485225], length 0
    22:43:27.210067 IP 1.179.182.186.51375 > api0.ssh: Flags [F.], seq 521, ack 2158, win 271, options [nop,nop,TS val 139485225 ecr 2378499732], length 0
    22:43:27.211484 IP 1.179.182.186.51501 > api0.ssh: Flags [S], seq 1638027811, win 29200, options [mss 1424,sackOK,TS val 139485226 ecr 0,nop,wscale 7], length 0
    22:43:27.211515 IP api0.ssh > 1.179.182.186.51501: Flags [S.], seq 1860491578, ack 1638027812, win 28960, options [mss 1460,sackOK,TS val 2378500049 ecr 139485226,nop,wscale 7], length 0
    22:43:27.213376 IP api0.ssh > 1.179.182.186.51375: Flags [F.], seq 2158, ack 522, win 243, options [nop,nop,TS val 2378500051 ecr 139485225], length 0
    22:43:27.528020 IP 1.179.182.186.51501 > api0.ssh: Flags [.], ack 1, win 229, options [nop,nop,TS val 139485305 ecr 2378500049], length 0
    22:43:27.536453 IP api0.ssh > 1.179.182.186.51501: Flags [P.], seq 1:22, ack 1, win 227, options [nop,nop,TS val 2378500374 ecr 139485305], length 21
    22:43:27.888267 IP api0.ssh > 1.179.182.186.51375: Flags [F.], seq 2158, ack 522, win 243, options [nop,nop,TS val 2378500726 ecr 139485225], length 0
    22:43:28.193196 IP 1.179.182.186.51375 > api0.ssh: Flags [.], ack 2159, win 271, options [nop,nop,TS val 139485472 ecr 2378500051], length 0
    22:43:28.212243 IP api0.ssh > 1.179.182.186.51501: Flags [P.], seq 1:22, ack 1, win 227, options [nop,nop,TS val 2378501050 ecr 139485305], length 21
    22:43:28.416268 IP api0.53826 > 169.254.0.55.lsi-bobcat: Flags [P.], seq 2588:2752, ack 1827, win 49376, length 164
    22:43:28.418257 IP 169.254.0.55.lsi-bobcat > api0.53826: Flags [P.], seq 1827:1993, ack 2752, win 20186, length 166
    22:43:28.418306 IP api0.53826 > 169.254.0.55.lsi-bobcat: Flags [.], ack 1993, win 49376, length 0
    22:43:28.517198 IP 1.179.182.186.51501 > api0.ssh: Flags [P.], seq 1:21, ack 22, win 229, options [nop,nop,TS val 139485553 ecr 2378500374], length 20
    

    显示全部信息

    -r 只是显示摘要信息,如果想要看详细信息可以使用

    tcpdump -A -r a.cap
    
    22:44:08.933864 IP 169.254.0.4.http > api0.57588: Flags [S.], seq 2192916898, ack 617913455, win 14600, options [mss 1424,nop,nop,sackOK,nop,wscale 1], length 0
    E..4..@.:............P....A.$..o..9.y...............
    22:44:08.933889 IP api0.57588 > 169.254.0.4.http: Flags [.], ack 1, win 229, length 0
    E..(6.@.@..............P$..o..A.P...V/..
    22:44:08.933942 IP api0.57588 > 169.254.0.4.http: Flags [P.], seq 1:185, ack 1, win 229, length 184
    E...6.@.@..]...........P$..o..A.P...V...POST /heart_report.cgi HTTP/1.1
    Accept-Encoding: identity
    Content-Length: 196
    Host: 169.254.0.4
    Content-Type: application/json
    Connection: close
    User-Agent: Python-urllib/2.6
    
    
    22:44:08.934765 IP 169.254.0.4.http > api0.57588: Flags [.], ack 185, win 7836, length 0
    E..(.1@.:.)..........P....A.$..'P.......
    22:44:08.934777 IP api0.57588 > 169.254.0.4.http: Flags [P.], seq 185:381, ack 1, win 229, length 196
    E...6.@.@..P...........P$..'..A.P...V...[{"timestamp": 1580654648, "namespace": "qce/heartbeat", "dimension": {"vmip": "172.16.0.2", "vm_uuid": "547ca70e-7e4c-4490-a8e7-01fcb1160b7f"}, "batch": [{"name": "barad_agent_hb", "value": 1}]}]
    22:44:08.935550 IP 169.254.0.4.http > api0.57588: Flags [.], ack 381, win 8372, length 0
    E..(.2@.:.)..........P....A.$...P. .....
    22:44:08.935649 IP 169.254.0.4.http > api0.57588: Flags [P.], seq 1:129, ack 381, win 8372, length 128
    E....3@.:.)P.........P....A.$...P. .s...HTTP/1.1 200 OK
    Connection: close
    Content-Length: 70
    
    {"returnValue":0,"returnCode":0,"msg":"OK","seq":12335952500857952241}
    22:44:08.935654 IP api0.57588 > 169.254.0.4.http: Flags [.], ack 129, win 237, length 0
    E..(6.@.@..............P$.....B#P...V/..
    22:44:08.935660 IP 169.254.0.4.http > api0.57588: Flags [F.], seq 129, ack 381, win 8372, length 0
    E..(.4@.:.)..........P....B#$...P. ..-..
    22:44:08.935896 IP api0.57588 > 169.254.0.4.http: Flags [F.], seq 381, ack 130, win 237, length 0
    E..(6.@.@..............P$.....B$P...V/..
    22:44:08.936970 IP 169.254.0.4.http > api0.57588: Flags [.], ack 382, win 8372, length 0
    E..(.5@.:.)..........P....B$$...P. ..,..
    22:44:09.014927 IP 1.179.182.186.52144 > api0.ssh: Flags [P.], seq 21:173, ack 1302, win 251, options [nop,nop,TS val 139495677 ecr 2378541555], length 152
    E.....@.*..............."eW$].............
    .P..............7.Vh.
    .?.....n....diffie-hellman-group1-sha1....ssh-rsa...
    aes128-cbc...
    aes128-cbc...	hmac-sha1...	hmac-sha1....none....none...................
    22:44:09.042629 IP api0.58601 > 169.254.0.2.ntp: NTPv4, Client, length 48
    E..L..@.@..............{.8V..........................................^.
    .5^
    22:44:09.042937 IP 169.254.0.2.ntp > api0.58601: NTPv4, Server, length 48
    E..L..@.;............{...8..$.....PR..........[h.Q.}..^.
    .XD..^.
    22:44:09.054292 IP api0.ssh > 1.179.182.186.52144: Flags [.], ack 173, win 235, options [nop,nop,TS val 2378541892 ecr 139495677], length 0
    E..4S.@.@...............]..."eW.....d......
    ...D.P..
    22:44:09.217708 IP 169.254.128.4 > api0: ICMP echo request, id 23245, seq 10033, length 8
    E.........E...........v.Z.'1
    22:44:09.217746 IP api0 > 169.254.128.4: ICMP echo reply, id 23245, seq 10033, length 8
    E...N3..@.V...........~.Z.'1
    22:44:09.324762 IP api0 > dns.google: ICMP echo request, id 5131, seq 3, length 64
    E..T..@.@.............-.....9.6^............................ !"#$%&'()*+,-./01234567
    22:44:09.340866 IP dns.google > api0: ICMP echo reply, id 5131, seq 3, length 64
    E..T....1.............5.....9.6^............................ !"#$%&'()*+,-./01234567
    22:44:09.341055 IP api0.ssh > 117.136.74.216.11923: Flags [P.], seq 6086:6202, ack 3699, win 271, length 116
    .~.....s.|.W..t....+..$.r}..D..sP...m......P..o....2|a..}./`......q...{..A.AQ..GsU.....|].a..A....P=.	...........{....HN.O.a
    22:44:09.346696 IP 1.179.182.186.52144 > api0.ssh: Flags [P.], seq 173:317, ack 1302, win 251, options [nop,nop,TS val 139495760 ecr 2378541892], length 144
    E.....@.*..!............"eW.]..............
    .P.P...D..........l..(....
    .g..io4!.lb.._.79ka.E%.k....r..q.ME..B.-...0..............h...S../
    22:44:09.346736 IP api0.ssh > 1.179.182.186.52144: Flags [.], ack 317, win 243, options [nop,nop,TS val 2378542184 ecr 139495760], length 0
    E..4S.@.@...............]..."eXL....d......
    ...h.P.P
    22:44:09.347996 IP api0.ssh > 1.179.182.186.52144: Flags [P.], seq 1302:2022, ack 317, win 243, options [nop,nop,TS val 2378542185 ecr 139495760], length 720
    E...S.@.@...............]..."eXL....gv.....
    }..{J........t?,..Ff[..kZq............:...w......>................~..E.ozV....J.`.....3~e]....P.T.{..x..s.......?kc.......y...H.u.tri.0..+..5..J.3b`.).._...&....d&I.Q.0..."e.s..u-W*.>...I..04....U..1..Q!.uJ.i.A.4...{..(..z..p.].~k...A..vS..Z#..1i...........8..]...(..X....[..l.R....K...m.9..b,......qv..N..Uv..3X.l09..ef4......"...<.......u....DW.T`.+..wG.
    ...........
    22:44:09.366358 IP 117.136.74.216.11923 > api0.ssh: Flags [.], ack 6202, win 2034, length 0
    Eh.(..@.~...u.J.........p}.s...rP...b...
    22:44:09.636942 IP 117.136.74.216.11923 > api0.ssh: Flags [.], ack 6202, win 2040, length 0
    Eh.(,%@.~.c.u.J.........p}.s...rP...b...
    22:44:10.000216 IP api0.ssh > 1.179.182.186.52144: Flags [P.], seq 1302:2022, ack 317, win 243, options [nop,nop,TS val 2378542838 ecr 139495760], length 720
    E...S.@.@...............]..."eXL....gv.....
    }..{J........t?,..Ff[..kZq............:...w......>................~..E.ozV....J.`.....3~e]....P.T.{..x..s.......?kc.......y...H.u.tri.0..+..5..J.3b`.).._...&....d&I.Q.0..."e.s..u-W*.>...I..04....U..1..Q!.uJ.i.A.4...{..(..z..p.].~k...A..vS..Z#..1i...........8..]...(..X....[..l.R....K...m.9..b,......qv..N..Uv..3X.l09..ef4......"...<.......u....DW.T`.+..wG.
    ...........
    22:44:10.038619 IP api0.57590 > 169.254.0.4.http: Flags [S], seq 2040860092, win 29200, options [mss 1460,sackOK,TS val 2378542876 ecr 0,nop,wscale 7], length 0
    .......r.VC............Py.
    ............
    22:44:10.040012 IP 169.254.0.4.http > api0.57590: Flags [S.], seq 1778671327, ack 2040860093, win 14600, options [mss 1424,nop,nop,sackOK,nop,wscale 1], length 0
    ...9.................P..j.^.y.
    22:44:10.040040 IP api0.57590 > 169.254.0.4.http: Flags [.], ack 1, win 229, length 0
    .j.^.P...V/............Py.
    22:44:10.040090 IP api0.57590 > 169.254.0.4.http: Flags [P.], seq 1:182, ack 1, win 229, length 181
    .j.^.P...V...POST /ca_report.cgi HTTP/1.1
    Accept-Encoding: identity
    Content-Length: 268
    Host: 169.254.0.4
    Content-Type: application/json
    Connection: close
    User-Agent: Python-urllib/2.6
    

    也可以使用十六进制显示

    tcpdump -X -r a.cap
    
    22:44:21.633293 IP api0.ssh > 1.179.182.186.52412: Flags [.], ack 173, win 235, options [nop,nop,TS val 2378554471 ecr 139498822], length 0
    	0x0000:  4500 0034 84b3 4000 4006 5191 ac10 0002  E..4..@.@.Q.....
    	0x0010:  01b3 b6ba 0016 ccbc 30d7 6294 6932 93aa  ........0.b.i2..
    	0x0020:  8010 00eb 64a6 0000 0101 080a 8dc5 dc67  ....d..........g
    	0x0030:  0850 9546                                .P.F
    22:44:21.934624 IP api0.57604 > 169.254.0.4.http: Flags [S], seq 2381561220, win 29200, options [mss 1460,sackOK,TS val 2378554772 ecr 0,nop,wscale 7], length 0
    	0x0000:  4500 003c 6010 4000 4006 8497 ac10 0002  E..<`.@.@.......
    	0x0010:  a9fe 0004 e104 0050 8df3 bd84 0000 0000  .......P........
    	0x0020:  a002 7210 5643 0000 0204 05b4 0402 080a  ..r.VC..........
    	0x0030:  8dc5 dd94 0000 0000 0103 0307            ............
    22:44:21.935377 IP 169.254.0.4.http > api0.57604: Flags [S.], seq 1775983592, ack 2381561221, win 14600, options [mss 1424,nop,nop,sackOK,nop,wscale 1], length 0
    	0x0000:  45b8 0034 0000 4000 3a06 e9f7 a9fe 0004  E..4..@.:.......
    	0x0010:  ac10 0002 0050 e104 69db 5be8 8df3 bd85  .....P..i.[.....
    	0x0020:  8012 3908 ed7c 0000 0204 0590 0101 0402  ..9..|..........
    	0x0030:  0103 0301                                ....
    22:44:21.935405 IP api0.57604 > 169.254.0.4.http: Flags [.], ack 1, win 229, length 0
    	0x0000:  4500 0028 6011 4000 4006 84aa ac10 0002  E..(`.@.@.......
    	0x0010:  a9fe 0004 e104 0050 8df3 bd85 69db 5be9  .......P....i.[.
    	0x0020:  5010 00e5 562f 0000                      P...V/..
    22:44:21.935458 IP api0.57604 > 169.254.0.4.http: Flags [P.], seq 1:182, ack 1, win 229, length 181
    	0x0000:  4500 00dd 6012 4000 4006 83f4 ac10 0002  E...`.@.@.......
    	0x0010:  a9fe 0004 e104 0050 8df3 bd85 69db 5be9  .......P....i.[.
    	0x0020:  5018 00e5 56e4 0000 504f 5354 202f 6361  P...V...POST./ca
    	0x0030:  5f72 6570 6f72 742e 6367 6920 4854 5450  _report.cgi.HTTP
    	0x0040:  2f31 2e31 0d0a 4163 6365 7074 2d45 6e63  /1.1..Accept-Enc
    	0x0050:  6f64 696e 673a 2069 6465 6e74 6974 790d  oding:.identity.
    	0x0060:  0a43 6f6e 7465 6e74 2d4c 656e 6774 683a  .Content-Length:
    	0x0070:  2033 3335 0d0a 486f 7374 3a20 3136 392e  .335..Host:.169.
    	0x0080:  3235 342e 302e 340d 0a43 6f6e 7465 6e74  254.0.4..Content
    	0x0090:  2d54 7970 653a 2061 7070 6c69 6361 7469  -Type:.applicati
    	0x00a0:  6f6e 2f6a 736f 6e0d 0a43 6f6e 6e65 6374  on/json..Connect
    	0x00b0:  696f 6e3a 2063 6c6f 7365 0d0a 5573 6572  ion:.close..User
    	0x00c0:  2d41 6765 6e74 3a20 5079 7468 6f6e 2d75  -Agent:.Python-u
    	0x00d0:  726c 6c69 622f 322e 360d 0a0d 0a         rllib/2.6....
    22:44:21.936159 IP 169.254.0.4.http > api0.57604: Flags [.], ack 182, win 7836, length 0
    	0x0000:  45b8 0028 a301 4000 3a06 4702 a9fe 0004  E..(..@.:.G.....
    	0x0010:  ac10 0002 0050 e104 69db 5be9 8df3 be3a  .....P..i.[....:
    	0x0020:  5010 1e9c 47dc 0000                      P...G...
    22:44:21.936170 IP api0.57604 > 169.254.0.4.http: Flags [P.], seq 182:517, ack 1, win 229, length 335
    	0x0000:  4500 0177 6013 4000 4006 8359 ac10 0002  E..w`.@.@..Y....
    	0x0010:  a9fe 0004 e104 0050 8df3 be3a 69db 5be9  .......P...:i.[.
    	0x0020:  5018 00e5 577e 0000 5b7b 2274 696d 6573  P...W~..[{"times
    	0x0030:  7461 6d70 223a 2031 3538 3036 3534 3636  tamp":.158065466
    	0x0040:  312c 2022 6e61 6d65 7370 6163 6522 3a20  1,."namespace":.
    	0x0050:  2271 6365 2f63 766d 222c 2022 6469 6d65  "qce/cvm",."dime
    	0x0060:  6e73 696f 6e22 3a20 7b22 766d 6970 223a  nsion":.{"vmip":
    	0x0070:  2022 3137 322e 3136 2e30 2e32 222c 2022  ."172.16.0.2",."
    	0x0080:  766d 5f75 7569 6422 3a20 2235 3437 6361  vm_uuid":."547ca
    	0x0090:  3730 652d 3765 3463 2d34 3439 302d 6138  70e-7e4c-4490-a8
    	0x00a0:  6537 2d30 3166 6362 3131 3630 6237 6622  e7-01fcb1160b7f"
    	0x00b0:  7d2c 2022 6261 7463 6822 3a20 5b7b 226e  },."batch":.[{"n
    	0x00c0:  616d 6522 3a20 2263 7075 5f75 7361 6765  ame":."cpu_usage
    	0x00d0:  222c 2022 7661 6c75 6522 3a20 312e 3630  ",."value":.1.60
    	0x00e0:  3030 3030 3030 3030 3030 3030 3031 7d2c  00000000000001},
    	0x00f0:  207b 226e 616d 6522 3a20 2263 7075 5f6c  .{"name":."cpu_l
    	0x0100:  6f61 645f 3122 2c20 2276 616c 7565 223a  oad_1",."value":
    	0x0110:  2030 2e30 7d2c 207b 226e 616d 6522 3a20  .0.0},.{"name":.
    	0x0120:  2263 7075 5f6c 6f61 645f 3522 2c20 2276  "cpu_load_5",."v
    	0x0130:  616c 7565 223a 2030 2e30 317d 2c20 7b22  alue":.0.01},.{"
    	0x0140:  6e61 6d65 223a 2022 6370 755f 6c6f 6164  name":."cpu_load
    	0x0150:  5f31 3522 2c20 2276 616c 7565 223a 2030  _15",."value":.0
    	0x0160:  2e30 3530 3030 3030 3030 3030 3030 3030  .050000000000000
    	0x0170:  3030 337d 5d7d 5d                        003}]}]
    
  • 相关阅读:
    先装.NET SDK 后装IIS导致的错误
    proc
    C# FTP上传
    English Word
    Window服务程序
    DataView排序 疑惑
    移除字符串末尾制定个数字符
    树状列表
    updatepanel 中按钮下载文件出错解决
    如何删除vs最近打开的项目
  • 原文地址:https://www.cnblogs.com/zzliu/p/12254221.html
Copyright © 2020-2023  润新知