如何使用Wireshark过滤应用程序和数据库服务器之间的SQL Server通信？ [英] How do I filter SQL Server traffic between app and DB servers using Wireshark?

问题描述

我试图找出一些错误的连接重置的来源。我正在尝试使用Wireshark捕获应用程序服务器和数据库服务器之间的流量。如何在Wireshark中设置过滤器？

解决方案

Wireshark具有显示过滤器和捕获过滤器。捕获过滤器只捕获某些数据包，导致一个小的捕获文件。捕获过滤器在捕获选项（ctrl-K）中设置。捕获SQL Server流量的一个例子是：

$ p $ lt; code> host< sql-server-ip>和端口< sql-server-port>

工具栏中设置了一个显示过滤器。显示过滤器不会减小捕获的大小。捕捉正在运行时，您可以更改显示过滤器。一个示例显示过滤器：

  ip.addr ==< sql-server-ip> &安培;&安培; tcp.port ==< sql-server-port> 
  

默认的SQL Server端口是1433.

I'm trying to identify the source of some ill-timed connection resets. I'm trying to use Wireshark to capture the traffic that goes between the application server and database server. How do I set up a filter for this in Wireshark?

解决方案

Wireshark has display filters and capture filters. The capture filter captures only certain packets, resulting in a small capture file. Capture filters are set in Capture Options (ctrl-K). An example to capture SQL Server traffic would be:

host <sql-server-ip> and port <sql-server-port>

A display filter is set in the toolbar. A display filter does not reduce the size of the capture. You can change a display filter while the capture is running. An example display filter:

 ip.addr == <sql-server-ip> && tcp.port == <sql-server-port>

The default SQL Server port is 1433.

这篇关于如何使用Wireshark过滤应用程序和数据库服务器之间的SQL Server通信？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！