我怎样才能得到Wireshark的向我展示我的本地HTTP流量? [英] How can I get Wireshark to show me my local HTTP Traffic?
问题描述
当我输入用户可以在本URI调用REST方法在我运行的Web应用API:
When I enter either this URI to call a REST method on my running Web API app:
http://SHANNON2:21608/api/inventory/sendXML/duckbill/platypus/someFileName // using Hostname of local machine
- 或者这一个:
--or this one:
http://192.168.125.50:21608/api/inventory/sendXML/duckbill/platypus/someFileName // using IP Address of local machine
...在邮差(使用HttpPost,并附加一个XML文件),并运行它,在提琴手2研究它,我看到这个错误在提琴手的Inspectors.WebView窗格:
...in Postman (using HttpPost, and attaching an xml file) and run it, on examining it in Fiddler 2, I see this error in Fiddler's Inspectors.WebView pane:
Bad Request - Invalid Hostname
--------------------------------------------------------------------------------
HTTP Error 400. The request hostname is invalid.
请注意:我得到的,即使我的的错误不要的打在服务器上的相应的控制器REST方法断点
Note: I get that error even though I do hit the breakpoint in the corresponding Controller REST method on the server.
试图进一步研究究竟什么是happending(正在发送的HTTP),我跑Wireshark的,看看这只是我的IP地址的目的:
Trying to examine further exactly what's happending (what HTTP is being sent), I run Wireshark and see only this for destination of my IP Address:
...这与我的IP地址作为源:
...and this with my IP Address as the source:
为什么没有HTTP协议项?该HTTP显然被发送,因为我打我的服务器控制方法的第一行设置断点:
Why are there no HTTP Protocol entries? The HTTP is apparently being sent, because I am hitting the breakpoint I've set on the first line in the server Controller method:
[HttpPost]
[Route("api/inventory/sendXML/{userId}/{pwd}/{filename}")]
public async Task SendInventoryXML(String userId, String pwd, String fileName)
{
Task task = Request.Content.ReadAsStreamAsync().ContinueWith(t =>
{
var stream = t.Result;
using (FileStream fileStream = File.Create(String.Format(@"C:\HDP\{0}.xml", fileName), (int)stream.Length))
{
byte[] bytesInStream = new byte[stream.Length];
stream.Read(bytesInStream, 0, (int)bytesInStream.Length);
fileStream.Write(bytesInStream, 0, bytesInStream.Length);
}
});
}
那么,为什么Wireshark的如此隐秘,展示我发送的HTTP?难道视而不见到内部的沟通,如果是这样,我怎么能释放它给我证明?
So why is Wireshark being so secretive about showing me the HTTP sent? Is it turning a blind eye to that internal communication and, if so, how can I "unleash it" to show me that?
AHA /瞧!邮差,RawCap的组合( http://www.netresec.com/?page=RawCap),和Wireshark似乎工作。我及时从命令提示符下运行新发现RawCap这一措辞:
Aha / Voila! A combination of Postman, RawCap (http://www.netresec.com/?page=RawCap), and Wireshark seems to work. I promptly ran the newly-discovered RawCap from a command prompt with this verbiage:
RawCap.exe 192.168.125.50 captured.pcap
...然后叫邮差从REST的方法,并开通了RawCap在Wireshark中创建(在我的情况captured.pcap)生成的文件,它显示了我一些HTTP流量:
...then called the REST method from Postman, and opened the resulting file that RawCap created (captured.pcap in my case) in Wireshark, and it shows me some HTTP traffic:
有关HTTP调用一些细节可以看这里:
Some more detail about the HTTP call can be seen here:
我不知道如何优雅地关闭RawCap。
What I don't know is how to "shut down" RawCap gracefully.
RawCap / Wireshark的告诉我,这是一个错误的请求(我已经知道是响应):
RawCap/Wireshark tell me it's a Bad Request (which I already knew was the response):
......但我什么也看不到,给我一个关于线索的为什么的它被认为错误请求
...but I see nothing to give me a clue about why it's considered a bad request
当我尝试调用从提琴手作曲家我的REST方法与所有的各种形式的本地的(主机名,IP地址,locohost),我从来没有达到服务器断点;我得到犯错之前,该封邮件(404 locohost,400对于所有其他):
When I try to call my REST method from Fiddler Composer with all the various forms of "local" (hostname, IP Address, "locohost"), I never reach the breakpoint in the server; I get err msgs prior to that (404 for locohost, 400 for all others):
推荐答案
通常情况下,无效的主机名表示HTTP请求的主机头包含未结合到Web服务器上的任何位点的一个值。例如,您使用的是IP地址作为主机,但如果你的服务器被配置为只接受一个机器名称(如 myBox上),然后你会看到一个HTTP / 400从服务器要求你提供一个适当的主机名。
Typically, Invalid Hostname means that the HTTP request's Host header contains a value that is not bound to any site on the web server. For instance, you're using an IP address as the host, but if your server is only configured to accept a machine name (e.g. mybox) then you will see a HTTP/400 from the server demanding that you supply a proper hostname.
这篇关于我怎样才能得到Wireshark的向我展示我的本地HTTP流量?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
