netcap
Microsoft Network Monitor capture utility
http://support.microsoft.com/kb/310875/zh-cn
Usage: NetCap.exe [/B:#] [/T <Type> <Buffer> <HexOffset> <HexPattern>]
[/F:<filterfile.cf>] [/C:<capture file>] [/N:#]
[/L:HH:MM:SS] [/TCF:<Folder Name>]
Example: NetCap /B:20 /N:2 /T BP 100 0a ff1f /F:d:\IPFilter.CF
/B:# - Buffer, capture size to take, from 1MB to 1000MB default is 1Mb
/T - Trigger, stop capturing when the given buffer and/or pattern is reached
If no trigger is given, the capture will stop when the buffer is full
Use "/T N" to continue capturing even if the buffer fills
Oldest frames in capture will be over written once the buffer is full
Note: With "/T N" you will have to hit space bar to stop capturing
<Type> - 'B' = buffer, 'P' = Pattern, 'BP' = Buffer then Pattern,
'PB' = Pattern then Buffer 'N' = No Trigger
<Buffer> - % Buffer Size '25', '50', '75', '100' used with
B, BP, PB (NOT P)
<HexOffset> - Hex Offset from start of frame used with P, BP, PB (NOT B)
<HexPattern>- Hex Pattern to match used with P, BP, PB (NOT B)
The Pattern must be an even number of hex digits
/C:<Capture File> - Move temporary capture to full path and/or file name
This can be any valid local or remote path
If "/C" is not specified the capture file will remain
in the default temporary capture folder
/F:<filterfile.cf>- A Network Monitor 2.x generated capture filter (*.cf)
/L:<HH:MM:SS> - Capture for given amount of time (max 99:99:99)
Note: This option overrides the default 100% trigger
unless "/T <trigger type>" is also specified
/TCF:<Folder Name>- Permanently changes the temporary capture folder
Warning the path must be on a fixed local hard drive
Once set you only need to use the switch again
to change the directory
/Remove - Removes the NetCap instance of the Network Monitor driver
/N:<#> - NIC Index number, for this computer
Use the following index numbers for these adapters:
(default) 0 = ETHERNET (2EED20524153) WAN (PPP/SLIP) Interface
1 = ETHERNET (001109B4E3BA)
Powered By anywolfs-狼族部落 CopyRight 2006, 刘辉的博客 xhtml | css