OpenHarmony使用Tcpdump 原创

简介

Tcpdump是一个强大的网络抓包分析工具，那么如何在OpenHarmony里编译使用此工具就是我们这篇文章要分享的话题。

编译构建

• 下载：从http://www.tcpdump.org下载最新源码

  下载地址：wget https://www.tcpdump.org/release/tcpdump-4.99.4.tar.gz
  

• 安装编译环境

  //编译工具链（32位）
  sudo apt-get install gcc-arm-linux-gnueabi
  //ohos的源码下载后，其实也有对应的工具链，位置如下
  prebuilts/gcc/linux-x86/arm（32位）/gcc-linaro-7.5.0-arm-linux-gnueabi/bin
  

• 编译

  //设置环境变量
  export CC=arm-linux-gnueabi-gcc
  export CFLAGS=-static
  export CPPFLAGS=-static
  export LDFLAGS=-static
  //配置
  ./configure --host=arm-linux --disable-ipv6
  //编译
  make
  //strip
  arm-linux-gnueabi-strip tcpdump
  

• 运行测试

  //传到板子上
  hdc_std.exe shell mount -o rw,remount /
  hdc_std.exe file send tcpdump /system/bin
  hdc_std.exe shell chmod +x /system/bin/tcpdump
  
  //运行测试
  hdc_std.exe shell
  # tcpdump -w data/local/tmp/test.cap
  tcpdump: listening on wlan0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
  14 packets captured
  14 packets received by filter
  0 packets dropped by kernel
  

小结

• 配合netstat可以更好的使用tcpdump，附件是tcpdump编译好的二进制，发到rk上可用

  # netstat --help
  usage: netstat [-pWrxwutneal]
  
  Display networking information. Default is netstat -tuwx
  
  -r      Routing table
  -a      All sockets (not just connected)
  -l      Listening server sockets
  -t      TCP sockets
  -u      UDP sockets
  -w      Raw sockets
  -x      Unix sockets
  -e      Extended info
  -n      Don't resolve names
  -W      Wide display
  -p      Show PID/program name of sockets
  
  # tcpdump -help
  tcpdump version 4.99.1
  libpcap version 1.10.1 (with TPACKET_V3)
  Usage: tcpdump [-AbdDefhHIJKlLnNOpqStuUvxX#] [ -B size ] [ -c count ] [--count]
                  [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
                  [ -i interface ] [ --immediate-mode ] [ -j tstamptype ]
                  [ -M secret ] [ --number ] [ --print ] [ -Q in|out|inout ]
                  [ -r file ] [ -s snaplen ] [ -T type ] [ --version ]
                  [ -V file ] [ -w file ] [ -W filecount ] [ -y datalinktype ]
                  [ --time-stamp-precision precision ] [ --micro ] [ --nano ]
                  [ -z postrotate-command ] [ -Z user ] [ expression ]