Packet Capture Methods for Blue Coat Acceleration Gateways

Author: 易隐者 Posted: 2012-3-19 20:52 Monday Category: Reference materials

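Graphical interface

In the graphical interface, go to maintenance -> Service information -> Packet capture. In the pane on the right, click Start capture to begin capturing and Stop capture to stop. Download saves the captured packets locally so they can be analysed with Wireshark. Note that the SG can store at most 100MB of captured packets.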


If the traffic passing through the SG is too heavy, use a capture filter to limit what is captured. Blue Coat capture filters follow tcpdump syntax.

Command-line interface

You can take a packet capture from Bluecoat Director using the following commands from the Director CLI:
Log in to Director
Go into Enable mode
director# config t
director (config) # tcpdump filter -s0      (NOTE: this sets the number of bytes to capture per packet; -s0 captures the full packet)

director (config) # tcpdump start
director #
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
director (config) # tcpdump stop
ok
231 packets captured
231 packets received by filter
0 packets dropped by kernel

You can upload the packet capture to a server for viewing purposes using the following command:

director # tcpdump upload ftp:/// / username password
director #

Packet captures taken from director can be viewed by Wireshark (http://www.wireshark.org).

Tags: wireshark tcpdump packet capture Bluecoat acceleration gateway



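Copyright: 《蚂蚁网-多维人生,三实而立!》 => "Packet Capture Methods for Blue Coat Acceleration Gateways"
Article address: http://www.vants.org/?post=177
Unless otherwise noted, all articles are original to 《蚂蚁网-多维人生,三实而立!》. Reposting is welcome; please cite this article's address when you do. Thank you.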
