This article is a quick and easy HowTo detailing the use of Wireshark or another network sniffing program to debug your Apache .htaccess or httpd.conf files.

First some shell based tools.

wget -S --spider URLlynx -head -dump URLcurl -I URLHEAD URLGET -de URLw3m -dump_head URLsiege -g URL


Set Your Capture-filter to tcp port 80 and then start capturing. Use any of the following display filters to view the data you want.

Display Filters ^

HTTP Display Filter Options ^

  • http.accept String Accept
  • http.accept_encoding String Accept Encoding
  • http.accept_language String Accept-Language
  • http.authbasic String Credentials
  • http.authorization String Authorization
  • http.cache_control String Cache-Control
  • http.connection String Connection
  • http.content_encoding String Content-Encoding
  • http.content_length Unsigned 32-bit integer Content-Length
  • http.content_type String Content-Type
  • http.cookie String Cookie
  • http.date String Date
  • http.host String Host
  • http.last_modified String Last-Modified
  • http.location String Location
  • http.notification Boolean Notification
  • http.proxy_authenticate String Proxy-Authenticate
  • http.proxy_authorization String Proxy-Authorization
  • http.referer String Referer
  • http.request Boolean Request
  • http.request.method String Request Method
  • http.request.uri String Request URI
  • http.request.version String Request Version
  • http.response Boolean Response
  • http.response.code Unsigned 16-bit integer Response Code
  • http.server String Server
  • http.set_cookie String Set-Cookie
  • http.transfer_encoding String Transfer-Encoding
  • http.user_agent String User-Agent
  • http.www_authenticate String WWW-Authenticate
  • http.x_forwarded_for String X-Forwarded-For

View All HTTP trafic ^

http
 
 
 

View all flash video stuff ^

http.request.uri contains "flv" or http.request.uri contains "swf" or http.content_type contains "flash" or http.content_type contains "video"

Show non-google cache-control ^

http.cache_control != "private, x-gzip-ok="""

or

(((((http.cache_control != "private, x-gzip-ok=""") && !(http.cache_control == "no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private")) && !(http.cache_control == "max-age=0, no-store")) && !(http.cache_control == "private")) && !(http.cache_control == "no-cache")) && !(http.cache_control == "no-transform")

Show only certain responses ^

#404: page not found
http.response.code == 404
 
#200: OK
http.response.code == 200

Show only certain HTTP methods ^

http.request.method == "POST" || http.request.method == "PUT"

Show only filetypes that begin with "text" ^

http.content_type[0:4] == "text"

Show only javascript ^

http.content_type contains "javascript"

Show all http with content-type="image/(gif|jpeg|png|etc)" ^

http.content_type[0:5] == "image"

Show all http with content-type="image/gif" ^

http.content_type == "image/gif"

Do not show content http, only headers ^

http.response !=0 || http.request.method != "TRACE"

Setting HTTP Preferences ^

Reassemble HTTP headers spanning multiple TCP segments: ^

When this preference is enabled, then the HTTP dissector will reassemble the HTTP header if it has been transmitted over more than one TCP segment. Although it is unusual for headers span multiple segments, it's not impossible, and this should be checked if you expect to view the contents of the HTTP conversation.

Reassemble HTTP bodies spanning multiple TCP segments: ^

When this preference is enabled, then the HTTP dissector will reassemble the HTTP body if it has been transmitted over more than one TCP segment. All but the smallest of responses will span multiple segments, so this preference should be checked if you expect to view the contents of the HTTP conversation.See TCP Reassembly for an example on how to use this to extract JPEG images from a capture.

Reassemble chunked transfer-coded bodies: ^

When this preference is enabled, any chunked transfer-coding response spanning multiple segments will be decoded and the payload (the body of the response) will be added to the protocol tree. This happens automatically for one segment responses.

Uncompress entity bodies: ^

Enable this preference if gzip or deflate encoded (compressed) HTTP entities should be decoded. This allows the visualisation of the compressed data, and possibly the dissection of it.

wireshark http抓包命令行详解的更多相关文章

  1. Scrapy框架的命令行详解【转】

    Scrapy框架的命令行详解 请给作者点赞 --> 原文链接 这篇文章主要是对的scrapy命令行使用的一个介绍 创建爬虫项目 scrapy startproject 项目名例子如下: loca ...

  2. [转载]OpenSSL中文手册之命令行详解(未完待续)

     声明:OpenSSL之命令行详解是根据卢队长发布在https://blog.csdn.net/as3luyuan123/article/details/16105475的系列文章整理修改而成,我自己 ...

  3. 7Z命令行详解

    7z.exe在CMD窗口的使用说明如下: 7-Zip (A) 4.57 Copyright (c) 1999-2007 Igor Pavlov 2007-12-06 Usage: 7za <co ...

  4. 7-zip命令行详解

    一.简介 7z,全称7-Zip, 是一款开源软件.是目前公认的压缩比例最大的压缩解压软件. 主要特征: # 全新的LZMA算法加大了7z格式的压缩比 # 支持格式: * 压缩 / 解压缩:7z, XZ ...

  5. linux下抓包工具tcpdump详解

    本文转自:http://www.cnblogs.com/ggjucheng/archive/2012/01/14/2322659.html 简介 用简单的话来定义tcpdump,就是:dump the ...

  6. gcc命令行详解

    介绍] ----------------------------------------- 常见用法: GCC 选项 GCC 有超过100个的编译选项可用. 这些选项中的许多你可能永远都不会用到, 但 ...

  7. [转] Linux抓包工具tcpdump详解

    http://www.ha97.com/4550.html PS:tcpdump是一个用于截取网络分组,并输出分组内容的工具,简单说就是数据包抓包工具.tcpdump凭借强大的功能和灵活的截取策略,使 ...

  8. Linux抓包工具tcpdump详解

    tcpdump是一个用于截取网络分组,并输出分组内容的工具,简单说就是数据包抓包工具.tcpdump凭借强大的功能和灵活的截取策略,使其成为Linux系统下用于网络分析和问题排查的首选工具. tcpd ...

  9. 抓包工具Fidder详解(主要来抓取Android中app的请求)

    今天闲着没吊事,来写一篇关于怎么抓取Android中的app数据包?工欲行其事,必先利其器,上网google了一下,发现了一款神器:Fiddler,这个貌似是所有软件开发者必备神器呀!这款工具不仅可以 ...

随机推荐

  1. 大概了解了flexbox

    <!doctype html> <html> <head> <meta charset="utf-8"> <title> ...

  2. Java异常-一般异常和运行时异常的区别

    Java提供了两类主要的异常:runtime exception和checked exception.checked 异常也就是我们经常遇到的IO异常,以及SQL异常都是这种异常.对于这种异常, JA ...

  3. 【CodeForces 567F】Mausoleum

    寒假最后一题补完啦 ^∀^ 题意 1到n每个数字有两个,排成先不降后不升的序列,比如112332,并且满足k个形如 3 <= 6 代表第三个数字要≤第六个数字这样的约束要求,求有多少种排法. 分 ...

  4. 【poj1090】 Chain

    http://poj.org/problem?id=1090 (题目链接) 题意 给出九连环的初始状态,要求将环全部取下需要走多少步. Solution 格雷码:神犇博客 当然递推也可以做. 代码 / ...

  5. 洛谷P1661 扩散

    题目描述 一个点每过一个单位时间就会向四个方向扩散一个距离,如图. 两个点a.b连通,记作e(a,b),当且仅当a.b的扩散区域有公共部分.连通块的定义是块内的任意两个点u.v都必定存在路径e(u,a ...

  6. BZOJ1588 HNOI2002 营业额统计 [Splay入门题]

    [HNOI2002]营业额统计 Time Limit: 5 Sec  Memory Limit: 162 MBSubmit: 4128  Solved: 1305 Description 营业额统计 ...

  7. MySql与Java的时间类型

    MySql的时间类型有          Java中与之对应的时间类型date                                           java.sql.DateDatet ...

  8. javaIO(三)

  9. 51NOD 1400 序列分解

    传送门:1400 序列分解序列分解 基准时间限制:1s  空间限制:131072 KBKB131072 KB 1 秒 空间限制:131072 KB 分值: 40 难度:4级算法题1 秒 空间限制:13 ...

  10. POJ1328Radar Installation(区间点覆盖问题)

    Radar Installation Time Limit: 1000MS   Memory Limit: 10000K Total Submissions: 68597   Accepted: 15 ...