wireshark普通(tōng)抓包時(shí),當白δ♦"•(bái)飯時(shí)間(jiān)過長(cháng)會(huì)會(hΩβ♥uì)造成內(nèi)存溢出問(wèn)↕'題,占用(yòng)server 內(nèi) ≈存資源,普通(tōng)pc無法24小(xiǎo)時(shφ<₩∏í)全天不(bù)間(jiān)斷抓包。
無
通(tōng)過cmd 進入wireshark 安裝目♠§錄,執行(xíng)dumpcap.exe -i 網卡索引&↔✔ nbsp; -b filesize:204800 -w D:/★zhuabao.pcap
上(shàng)述命令的(de)含義是(shì)wiresδ§>hark 抓包是(shì)直接寫硬盤,不(bù)會(huì)造♠↔>☆成內(nèi)存溢出問(wèn)題,不(bù)占用(yòng)server ↔←¶§內(nèi)存資源,每個(gè)文(wén)件(j→&≥iàn)200M 大(dà)小(xiǎo),¶≠÷♠普通(tōng)pc即可(kě)24小(€≤☆→xiǎo)時(shí)全天不(bù)間(jiān)斷抓包,隻要(yào)保證♣≥α硬盤夠大(dà)就(jiù)好(hǎo)了(le)。
下(xià)面的(de)命令可(kě)以看©✘(kàn)到(dào)網卡索引和(hé)網卡名的(de)對(duì)應關系。
D:\Program Files\Wireshark>dump↕>cap.exe -D
1. \Device\NPF_{C5EB9264-5E93-4483-BE₩☆≤19-C8D24C43C05C} (Broadcom 802.11b/g ∞™☆☆Q?Mh)
2. \Device\NPF_{E760EBBD-5B71-4093♦¥γ-91F9-B3DC8330D8A6} (Realtek 10/1✔γ00/1000 Ether
net NIC &nb<♥¶sp; &n ♥bsp; ↑↓ &n"♦bsp; &nb•≥₹sp; &n₹≠bsp; &nbs∏®§¶p; )
3. \Device\NPF_{940D20AC-8DB9-475☆σλ3-ACCA-BB16FF7EB7F4} (SSLVPN Virtual ♠ εNetwork Ad
apter(CS Support))
4. \Device\NPF_{A2250C9C-49D9-4CAA§←-9069-D3F64F7DC8B7} (Sun)
D:\Program Files\Wireshδγ↓ark>
無