tcpdump用法

-i eth0 表示网卡-A 表示转为ascii码-n 表示不要转域名，用ip就好host 后面加IP地址

查看nginx是长连接还是短连接：

[root@nginx01 ~]#  tcpdump -i eth0 -A host 192.168.156.44  -n | grep HTTP              tcpdump: verbose output suppressed, use -v or -vv for full protocol decodelistening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes.oJ&...ePOST /v2/story/comic/xxx/top HTTP/1.1...}.oJ&HTTP/1.1 200 OK.oN.....POST /v1/story/xxx HTTP/1.1.....oN.HTTP/1.1 200 OK.oN....:POST /v1/story/xxx HTTP/1.1...[.oN.HTTP/1.1 200 OK.oR....BPOST /v2/story/comic/xxx/top HTTP/1.1.oS....MPOST /v1/story/xxx HTTP/1.1...`.oR.HTTP/1.1 200 OK

结果:

HTTP/1.1 实锤