安装:

yum -y install libpcap

yum -y install lua-devel

yum -y install wireshark

源代码安装

http://yuyongid.blog.51cto.com/10626891/1707357

tshark -s 512 -i eth0 -n -f 'not arp' -T fields -e frame.time -e frame.protocols -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport -e http.host -e http.request.line -e dns.qry.name -l

eth.dst : 目标mac地址

使用说明:

http://f.dataguru.cn/thread-560048-1-1.html

https://www.wireshark.org/docs/dfref/

抓包和分析工具

http://blog.csdn.net/zztoll/article/details/54925279

lua写wireshark解析器

http://www.jianshu.com/p/1e2f63a484d6

lua抓包和处理

http://blog.csdn.net/john_crash/article/details/51037437