On Linux, create an isolated network namespace and use a virtual Ethernet (veth) pair to connect the new network namespace with the main network namespace.

Run a program in a virtual machine (VM) and capture traffic from within the VM, or from the bridge attached to the outside of the VM.

If you know that an application contacts certain IP addresses or ports, you could specify a capture filter such as udp port 53 or host.

For established TCP sockets, this information could potentially be looked up on-the-fly, but there is no way to express a capture filter to limit filtering to a single process. Arbitrary packets are typically not associated with a process.
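
The network-namespace option above, written out as a script. This is an added example, not code from the original page: it builds the namespace and veth pair, captures on the host end of the pair, and runs the program under observation inside the namespace. The names and addresses (capns, veth-host, veth-ns, 10.200.1.0/24) and the NAT rule that gives the namespace outside connectivity are assumptions made for the example.

```shell
#!/bin/sh
# Added example. Names and addresses (capns, veth-host, veth-ns, 10.200.1.0/24)
# are constructed. Needs root, iproute2, iptables and tcpdump.
# DRY_RUN=1 prints the commands instead of executing them.
NS=capns; HOST_IF=veth-host; NS_IF=veth-ns
HOST_IP=10.200.1.1; NS_IP=10.200.1.2; NET=10.200.1.0/24

run() { if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi; }

setup_ns() {
    run ip netns add "$NS"
    # veth pair: one end stays in the main namespace, the other moves into $NS
    run ip link add "$HOST_IF" type veth peer name "$NS_IF"
    run ip link set "$NS_IF" netns "$NS"
    run ip addr add "$HOST_IP/24" dev "$HOST_IF"
    run ip link set "$HOST_IF" up
    run ip netns exec "$NS" ip addr add "$NS_IP/24" dev "$NS_IF"
    run ip netns exec "$NS" ip link set "$NS_IF" up
    run ip netns exec "$NS" ip link set lo up
    run ip netns exec "$NS" ip route add default via "$HOST_IP"
    # Let the namespace reach outside networks through the host
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -t nat -A POSTROUTING -s "$NET" -j MASQUERADE
}

# Capture on the host end of the pair: only traffic from inside $NS crosses it
capture() { run tcpdump -i "$HOST_IF" -w "${1:-capns.pcap}"; }

# Run the program under observation inside the namespace
run_in_ns() { run ip netns exec "$NS" "$@"; }

teardown_ns() {
    run iptables -t nat -D POSTROUTING -s "$NET" -j MASQUERADE
    run ip netns del "$NS"   # deleting the namespace also removes the veth pair
}

case "${1:-}" in
    setup)    setup_ns ;;
    capture)  capture "${2:-}" ;;
    exec)     shift; run_in_ns "$@" ;;
    teardown) teardown_ns ;;
esac
```

The program started through `exec` runs as root unless it is wrapped in a privilege-dropping command, and name resolution inside the namespace fails if the host's resolver listens only on the host's loopback address.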