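(1) Packet capture
Solaris ships with the snoop packet capture tool; packets are captured by running the appropriate command.
Capture packets whose destination address is 10.8.3.250 and save them to the file /opt/cap250 (the host filter matches packets that carry this address as either source or destination):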
snoop -o /opt/cap250 host 10.8.3.250
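(2) Downloading the capture
Method 1: use the scp command to transfer the test.cap file under / on the current device to the /mnt/hfs1 directory on the device with IP 10.8.12.90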
-bash-3.2# scp /test.cap root@10.8.12.90:/mnt/hfs1/test.cap
The authenticity of host '10.8.12.90 (10.8.12.90)' can't be established.
RSA key fingerprint is ed:d6:cc:15:2b:15:c2:af:0f:c2:b0:4d:44:08:09:ca.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.8.12.90' (RSA) to the list of known hosts.
root@10.8.12.90's password:
test.cap 100% |************************************************************************| 18320 00:00
Method 2: use SSH Secure File Transfer Client to download the file to the local machine.
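For method 1, the host key can be checked against a fingerprint obtained out of band before the copy, rather than accepted at the scp prompt. The script below is an added example, not part of the original page; it assumes OpenSSH-compatible ssh-keyscan and ssh-keygen on the sending host, and the function names and the trusted-fingerprint argument are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): pin the SSH host key before
# copying a capture, instead of answering "yes" to an unverified fingerprint.
# The trusted fingerprint is an assumption: a value read on the console of the
# receiving host or given by its administrator, not learned over this network.

# Reduce a fingerprint to bare lowercase colon-hex ("MD5:" prefix and blanks removed).
norm_fp() {
    printf '%s' "$1" | sed 's/^[Mm][Dd]5://' | tr -d ' \t\r\n' | tr 'ABCDEF' 'abcdef'
}

# Pull the fingerprint field out of one line of `ssh-keygen -l` output,
# e.g. "2048 ed:d6:...:ca 10.8.12.90 (RSA)".
fp_from_keygen_line() {
    norm_fp "$(printf '%s\n' "$1" | awk '{print $2}')"
}

# Succeed only when both values are non-empty and identical after normalising.
fp_matches() {
    a=$(norm_fp "$1"); b=$(norm_fp "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Fetch the RSA host key, check it against the trusted fingerprint, and only
# then record it and copy the file with interactive acceptance disabled.
send_capture() {   # usage: send_capture FILE HOST REMOTE_PATH TRUSTED_FP
    file=$1; host=$2; dest=$3; trusted=$4
    key=$(mktemp) || return 1
    ssh-keyscan -t rsa "$host" > "$key" 2>/dev/null
    # Newer OpenSSH prints SHA256 by default; ask for MD5, fall back if -E is unknown.
    line=$(ssh-keygen -l -E md5 -f "$key" 2>/dev/null || ssh-keygen -l -f "$key")
    if fp_matches "$(fp_from_keygen_line "$line")" "$trusted"; then
        cat "$key" >> "$HOME/.ssh/known_hosts"
        rm -f "$key"
        scp -o StrictHostKeyChecking=yes "$file" "root@$host:$dest"
    else
        rm -f "$key"
        echo "host key fingerprint mismatch for $host, not copying" >&2
        return 1
    fi
}
```

Called as send_capture /test.cap 10.8.12.90 /mnt/hfs1/test.cap followed by the trusted fingerprint, it copies the file only when the key offered by the host matches that fingerprint.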