如何查看服务器正在执行的所有请求URL（最终URL） [英] How to see all Request URLs the server is doing (final URLs)

问题描述

如何从服务器（* ux机器）到另一台机器的命令行URL列表中进行请求。

How list from the command line URLs requests that are made from the server (an *ux machine) to another machine.

例如，我在命令上服务器 ALPHA_RE 的行。
我对google.co.uk进行了ping操作，并对bbc.co.uk作了另一次ping。
我希望从提示符处看到：

For instance, I am on the command line of server ALPHA_RE . I do a ping to google.co.uk and another ping to bbc.co.uk I would like to see, from the prompt :

google.co.uk
bbc.co.uk

google.co.uk bbc.co.uk

所以，不是我要ping的机器的IP地址，也不是服务器的URL会将我的请求传递给google.co.uk或bbc.co.uk，但实际的最终到达网址是。

so, not the ip address of the machine I am pinging, and NOT an URL from servers that passes my the request to google.co.uk or bbc.co.uk , but the actual final urls.

请注意，只有正常ubuntu存储库中可用的软件包可用-它必须与命令行一起使用

Note that only packages that are available on normal ubuntu repositories are available - and it has to work with command line

编辑
最终目标是查看PHP脚本的API URL。 （由 cronjob 运行）请求；以及服务器请求实时使用的API URL。
这些主要执行对多个URL的GET和POST请求，我对了解这些参数很感兴趣：

Edit The ultimate goal is to see what API URLs a PHP script (run by a cronjob) requests ; and what API URLs the server requests 'live'. These ones do mainly GET and POST requests to several URLs, and I am interested in knowing the params :

它是否确实请求：

foobar.com/api/whatisthere?and=what&is=there&too=yeah

或至：

foobar.com/api/whatisthathere?is=it&foo=bar&green=yeah

cron作业或服务器还会执行其他任何GET或POST请求吗？
而且，无论这些API给出什么响应（如果有）。

And does the cron jobs or the server do any other GET or POST request ? And that, regardless what response (if any) these API gives.

此外，API列表是未知的-因此，您不能grep到一个特定的URL。

Also, the API list is unknown - so you cannot grep to one particular URL.

编辑：
（指定了旧票据：请注意，我无法在该服务器上安装任何东西（没有额外的软件包，我可以只使用正常命令-如tcpdump，sed，grep等。）//但由于很难通过tcpdump获得这些信息，因此我可以安装软件包了。）

(OLD ticket specified : Note that I can not install anything on that server (no extra package, I can only use the "normal" commands - like tcpdump, sed, grep,...) // but as getting these information with tcpdump is pretty hard, then I made installation of packages possible)

推荐答案

您可以使用 tcpdump 和 grep 从主机（以下cmd）获取有关网络流量活动的信息行应该包含所有包含主机的行：

You can use tcpdump and grep to get info about activity about network traffic from the host, the following cmd line should get you all lines containing Host:

 tcpdump -i any -A -vv -s 0 |  grep -e "Host:"

如果我在一个shell中运行以上命令并启动Links会话， stackoverflow我看到：

If I run the above in one shell and start a Links session to stackoverflow I see:

Host: www.stackoverflow.com
Host: stackoverflow.com

如果您想了解更多有关实际HTTP请求的信息，还可以向grep添加GET，PUT或POST请求的语句（即-e GET），它可以为您提供有关相对URL的一些信息（应与较早确定的主机结合使用以获取完整的URL）。

If you want to know more about the actual HTTP request you can also add statements to the grep for GET, PUT or POST requests (i.e. -e "GET"), which can get you some info about the relative URL (should be combined with the earlier determined host to get the full URL).

编辑：
根据您编辑的问题，我尝试进行了一些修改：
首先是tcpdump方法：

EDIT: based on your edited question I have tried to make some modification: first a tcpdump approach:

[root@localhost ~]# tcpdump -i any -A -vv -s 0 | egrep -e "GET" -e "POST" -e "Host:"
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
E..v.[@.@.......h.$....P....Ga  .P.9.=...GET / HTTP/1.1
Host: stackoverflow.com
E....x@.@..7....h.$....P....Ga.mP...>;..GET /search?q=tcpdump HTTP/1.1
Host: stackoverflow.com

还有一个ngrep：

[root@localhost ~]# ngrep -d any -vv -w byline | egrep -e "Host:" -e "GET" -e "POST"
^[[B  GET //meta.stackoverflow.com HTTP/1.1..Host: stackoverflow.com..User-Agent:
  GET //search?q=tcpdump HTTP/1.1..Host: stackoverflow.com..User-Agent: Links

我的测试用例正在运行链接stackoverflow.com，将tcpdump放在搜索字段中，然后按Enter。

My test case was running links stackoverflow.com, putting tcpdump in the search field and hitting enter.

这使您在一行上获得所有URL信息。更好的选择可能是简单地在您自己的服务器上运行反向代理（例如nginx）并修改主机文件（如亚当的回答所示），然后使反向代理将所有查询重定向到实际主机并使用日志记录功能。反向代理以从那里获取URL，日志可能会更容易阅读。

This gets you all URL info on one line. A nicer alternative might be to simply run a reverse proxy (e.g. nginx) on your own server and modify the host file (such as shown in Adam's answer) and have the reverse proxy redirect all queries to the actual host and use the logging features of the reverse proxy to get the URLs from there, the logs would probably a bit easier to read.

编辑2：
如果您使用以下命令行：

EDIT 2: If you use a command line such as:

ngrep -d any -vv -w byline | egrep -e "Host:" -e "GET" -e "POST" --line-buffered |  perl -lne 'print $3.$2  if /(GET|POST) (.+?) HTTP\/1\.1\.\.Host: (.+?)\.\./'

您应该看到实际的URL

you should see the actual URLs

这篇关于如何查看服务器正在执行的所有请求URL（最终URL）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！