
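Packet capture methods on the Bluecoat acceleration gateway

Author: 易隐者 Published: 2012-3-19 20:52 Monday Category: Reference material

Graphical interface

In the graphical interface, go to Maintenance -> Service information -> Packet capture. In the right-hand pane, click Start capture to begin capturing and Stop capture to stop. Download saves the captured packets locally so they can be analyzed with Wireshark. Note that the SG can store at most 100MB of captured packets.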


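If the traffic passing through the SG is too heavy, a capture filter can be used to narrow the capture. Bluecoat capture filters follow tcpdump syntax.

Command-line interface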

You can take a packet capture from Bluecoat Director using the following commands from the Director CLI:
Log in to Director
Go into Enable Mode
director# config t
director (config) # tcpdump filter -s0      (NOTE:  This sets the number of bytes to capture per packet; -s0 captures a full packet.)

director (config) # tcpdump start
director #
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
director (config) # tcpdump stop
ok
231 packets captured
231 packets received by filter
0 packets dropped by kernel

You can upload the packet capture to a server for viewing purposes using the following command:

director # tcpdump upload ftp:/// / username password
director #

Packet captures taken from director can be viewed by Wireshark (http://www.wireshark.org).
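
The sample CLI output above reports "capture size 96 bytes", and a capture taken at that size cuts larger frames short, so it is worth checking a downloaded file before analysis. The following Python check is an added example, not part of the original post; it assumes the file is in classic pcap format (not pcapng), and the function names and sample bytes are constructed for illustration.

```python
import struct

# Classic pcap magic numbers as they appear on disk, mapped to struct byte order.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian, nanosecond timestamps
}

def snaplen_report(data):
    """Return (snaplen, total_packets, truncated_packets) for classic pcap bytes."""
    if len(data) < 24 or data[:4] not in PCAP_MAGICS:
        raise ValueError("not a classic pcap file")
    end = PCAP_MAGICS[data[:4]]
    # Global header: magic, version major/minor, thiszone, sigfigs, snaplen, linktype
    _, _, _, _, _, snaplen, _ = struct.unpack(end + "IHHiIII", data[:24])
    total = truncated = 0
    off = 24
    while off + 16 <= len(data):
        # Record header: ts_sec, ts_frac, captured length, original length
        _, _, incl_len, orig_len = struct.unpack(end + "IIII", data[off:off + 16])
        off += 16 + incl_len
        if off > len(data):
            break  # file ends mid-record, e.g. an interrupted transfer
        total += 1
        if incl_len < orig_len:
            truncated += 1  # frame was longer on the wire than what was stored
    return snaplen, total, truncated

def _sample(snaplen, frames):
    """Build a constructed little-endian pcap from a list of on-wire frame sizes."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for orig_len in frames:
        incl = min(orig_len, snaplen)
        out += struct.pack("<IIII", 0, 0, incl, orig_len) + b"\x00" * incl
    return out

if __name__ == "__main__":
    # Constructed capture: one small frame and two full-size frames at snaplen 96.
    print(snaplen_report(_sample(96, [60, 1514, 1514])))
```

A non-zero truncated count means payloads were cut at the snaplen, so application-layer content in those frames cannot be fully reassembled in Wireshark.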
