如何确定Wireshark中的哪个数据包与我通过邮递员发送的数据包相对应? [英] How can I determine which packet in Wireshark corresponds to what I sent via Postman?
问题描述
我试图弄清楚为什么从我的手持设备(Windows CE/Compact Framework)发送的REST调用没有传递到我的服务器应用程序(在我的PC上运行的常规,成熟的.NET应用程序).
I'm trying to figure out why REST calls sent from my handheld device (Windows CE / Compact Framework) are not making it to my server app (regular, full-fledged .NET app running on my PC).
手持设备和PC已连接-我知道,因为可以在PC的Windows资源管理器中看到手持设备,所以Windows Mobile设备中心会验证两者之间的连接是否有效,等等.
The handheld device and the PC are connected - I know that because I can see the handheld device in the PC's Windows Explorer, Windows Mobile Device Center verifies the connection between the two is valid, etc.
当我通过Postman传递相同的REST调用时,我到达了运行在PC上的服务器应用程序上的断点,即:
I reach the breakpoint on my server app running on my PC when I pass the same REST call via Postman, namely:
http://192.168.125.50:21609/api/inventory/sendXML/duckbill/platypus/poisontoe
...但是从手持设备调用时不可以.
...but not when calling the same from the handheld device.
因此,我想在Wirehark中查看邮递员发送的内容,以便在尝试从手持设备调用相同的REST方法时看到要查找的内容.
So, I want to see in wireshark just what is being sent from postman, so I can see what to look for when attempting to call the same REST method from the handheld device.
我在wireshark中设置了一个过滤器,即"ip.dst == 192.168.125.50",并在通过Postman调用该方法时得到了一些结果,但是我什么地方都看不到我期望的端口21609".如果看到此消息,我会知道我正在查看正确的数据包,但是...在哪里?当我运行Postman并进行呼叫时,Wireshark捕获了四个数据包,但没有一个作为用户数据报协议"元素中的端口号给出.
I set up a filter in wireshark, namely "ip.dst == 192.168.125.50" and get a handful of results when calling the method via Postman, but nowhere do I see "port 21609" which I would expect to. If I saw this, I would know I was looking at the right packet, but...where is it? When I run Postman and make the call, there are four packets captured by Wireshark, and none of them give that as the port number in the "User Datagram Protocol" element.
如果忽略端口号,如何确定邮递员的数据包?
If the port number is disregarded, how can I determine which packet is the one from Postman?
Yoel有一个好主意;我添加了目标端口(未解决)"和源端口"作为要显示的列.
Yoel had a good idea; I added "Dest port (unresolved)" and "Sourceport" as columns to display.
然后我在Wireshark中开始了一个新的实时捕获,并从Postman发送了URL/REST方法.
I then started a new live capture in Wireshark and sent the URL / REST method from Postman.
服务器应用程序中的断点确实命中.我F5完成了它,并停止了Wireshark的捕获.
The breakpoint in the server app was indeed hit. I F5'd through it, and stopped the Wireshark capture.
在目标端口"列中的任何位置都看不到"21609".
"21609" is not seen in the Dest Port column anywhere.
为什么? URL如何发送,但Wireshark并未检测到它定向到的端口?
Why? How is the URL being sent, and yet Wireshark is not detecting the port to which it was directed?
此外,在Wireshark的协议"列中,我没有看到"HTTP"条目.
Also, in the Protocol column in Wireshark, I see no "HTTP" entries.
推荐答案
要在数据包列表中查看目标端口,必须通过右键单击列标题并选择Column preferences...来添加列.然后点击+符号,选择列标题,然后放入
To see the destination port in the packet list, you have to add a column by right clicking in a column header and selecting Column preferences.... Then click on the + sign, choose a column title, and put
tcp.dstport
作为Fields参数.
您还可以将显示过滤器直接用于表达式:
You can also directly use the display filter with the expression:
tcp.dstport == 21609
(已通过Wireshark 2.2.0测试)
(tested with Wireshark 2.2.0)
这篇关于如何确定Wireshark中的哪个数据包与我通过邮递员发送的数据包相对应?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
