dhcp パケットをキャプチャするメモ

tcpdumpの場合

$ sudo tcpdump -i wlp3s0 port 67 or port 68 -e -n
[sudo] password for matoken:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlp3s0, link-type EN10MB (Ethernet), capture size 262144 bytes
21:07:44.898511 00:23:15:5b:a6:60 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:23:15:5b:a6:60, length 300

dhcpdump も読みやすくて便利

$ sudo dhcpdump -i wlp3s0
  TIME: 2019-04-10 21:17:17.398
	IP: 0.0.0.0 (0:23:15:5b:a6:60) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
	OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: 011d073a
  SECS: 0
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 00:23:15:5b:a6:60:00:00:00:00:00:00:00:00:00:00
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         3 (DHCPREQUEST)
OPTION:  50 (  4) Request IP address        192.168.1.5
OPTION:  12 (  5) Host name                 x201i
OPTION:  55 ( 17) Parameter Request List      1 (Subnet mask)
											 28 (Broadcast address)
											  2 (Time offset)
											  3 (Routers)
											 15 (Domainname)
											  6 (DNS server)
											119 (Domain Search)
											 12 (Host name)
											 44 (NetBIOS name server)
											 47 (NetBIOS scope)
											 26 (Interface MTU)
											121 (Classless Static Route)
											 42 (NTP servers)
											249 (MSFT - Classless route)
											 33 (Static route)
											252 (MSFT - WinSock Proxy Auto Detect)
											 17 (Root path)


--------------------


^C

コメントを残す コメントをキャンセル

コメントを残すコメントをキャンセル