Use Wireshark to capture loopback traffic without a loopback adapter

If you’ve ever used Wireshark for debugging applications you may have noticed that it only seems to pick up traffic that is actually transmitted over the wire and ignores all traffic sent to your local ip address or localhost. If you want to watch this traffic without having to install a special loopback adapter you can use the following trick.

How to force local traffic to your default gateway
1) Open a command prompt (Run as Administrator for Vista/7)
2) Type ipconfig/all (note your local ip address(es) and default gateway)
3) Type “route add <your ip address> mask 255.255.255.255 <default gateway IP address> metric 1″

This instructs windows to send any requests for your local ip address to your default gateway, which will in turn forward the request back to your machine. Be aware that this route will disappear once you restart your machine unless you include the -p switch after the route command. You may also notice an echo effect if you’re using Wireshark because you see each request and response twice. You can remove this problem by applying the following filter at the top.

ip.src==<default gateway> or ip.dst==<default gateway>

Consider the default gateway as a client trying to reach your machine and all traffic sent to the default gateway as your machine’s response.

To remove the route, type “route delete <the ip address you entered>”.

If you have an application running locally that uses localhost, you can map localhost to the IP address you added a route for. Just don’t forget you mapped localhost to a different IP than 127.0.0.1!

How to map localhost
1) Open notepad (Run as Administrator in Vista/7)
2) Navigate to C:\Windows\System32\drivers\etc\ and open the hosts file (there’s no extension).
3) Add this entry “<the IP address you added a route for> localhost”. Note that the space between the ip address and localhost is a tab.

Now, when your machine tries to send something to localhost, it will resolve to the IP address you added a route for and send its traffic to your default gateway.

(Important!) Remember to unblock the port used for incoming traffic on your machine. Also, if you find that an application you’re using doesn’t seem to send out traffic the way you expect, try flushing the dns cache with ipconfig/flushdns.

转自:http://blog.sina.com.cn/s/blog_53d3653e0100t2kq.html

 

Use Wireshark to capture loopback traffic without a loopback adapter (转)的更多相关文章

  1. Cannot capture jmeter traffic in fiddler

    Cannot capture jmeter traffic in fiddler First, change Fiddler's port back to 8888 as it was origina ...

  2. WireShark Flow capture analysis

    Wiresharkl流量分析 1.图示是对WiFi数据接口的80号端口进行数据捕获,设置混杂模式 过滤表达式设置: IP地址设置过滤   ip.src==191.168.1.102    ip.dst ...

  3. 使用开源的工具解析erspan流量

    Decapsulation ERSPAN Traffic With Open Source Tools Posted on May 3, 2015 by Radovan BrezulaUpdated ...

  4. wireshark, loopback

    swapondd if=/dev/zero of=/data/mnt/swap bs=1024 count=8024000 sudo apt-get install wireshark sudo gr ...

  5. How To: Capture Android & iOS Traffic with Fiddler

    How To: Capture iOS Traffic with Fiddlerhttps://www.telerik.com/blogs/how-to-capture-ios-traffic-wit ...

  6. wireshark & fiddler

    wireshark display filterhttps://www.wireshark.org/docs/wsug_html_chunked/ChWorkBuildDisplayFilterSec ...

  7. how to use fiddler and wireshark to decrypt ssl

    原文地址: http://security14.blogspot.jp/2010/07/how-to-use-fiddler-and-wireshark-to.html Requirements2 C ...

  8. Ubuntu下用wireshark抓取802.11封包并进行过滤分析

    要用wireshark抓802.11的包 需要在linux下进行. 要在linux下抓802.11的包 需要在linux下安装无线网卡驱动. 所以 在正式抓取之前先把这两样东西搞起来. *没有特殊说明 ...

  9. 新版本wireshark tshark使用

    Wireshark-tshark wireshark 指令模式 => tshark Windows 及Linux 可至安裝目錄執行>tshark tshark.exe -i 7(利用-D找 ...

随机推荐

  1. ExtJS4 的dom

    Ext使用了三个核心的工具类对我们掌握的DOM进行了完美的封装. ┣ Ext.Element(几乎对DOM的一切进行了封彻底装) ┣ Ext.DomHelper(一个强大的操控UI界面的工具类) ┣ ...

  2. Node.js学习 - CallBack Function

    Node.js异步编程的直接体现就是回调,Node使用了大量的回调函数,其所有的API都支持回调. 阻塞代码实例(同步) var fs = require("fs"); var d ...

  3. 使用过滤器(Filter)解决请求参数中文乱码问题(复杂方式)

    前述:      在写这篇笔记之前,对笔记中的设计模式进行介绍:      本篇笔记中将要使用到的设计模式是:装饰(包装)设计模式           (1)装饰(包装)设计模式口诀:         ...

  4. shell输出不换行符合换行符

    输出不换行符 例如 echo "Hello\c" echo " World" //Hello World 输出换行符 echo "username\n ...

  5. pm

    如何不被程序员(RD)们嫌弃--写给那些血气方刚的产品经理(PM)http://www.36kr.com/p/212020.html 最近有位刚做 PM(产品经理)的小伙跑来跟我控诉,说公司技术部的 ...

  6. Qt5:窗口各类位置

    在Qt程序中获取窗口位置的函数有  geometry()   ,   frameGeometry()  , pos() ,x() , y()等 下面来看看这些函数的区别 还有另外两个函数 size() ...

  7. 你的float用对了吗

    介绍 很多人都知道float是浮点类型,它不能表示数据范围内的所有数值.但是,实际使用或编码时,你又是否记得这句话呢?下面是stackoverflow中的一个问题: why does a float ...

  8. js中的全局函数

    以前没搞懂JS的全局函数,全局函数和window对象的函数不一样.全局函数不属于任何一个内置对象. JS包含以下7个全局函数,用于一些常用的功能:escape(),eval(),isNan(),isF ...

  9. Restful based service 的跨域调用

    1.关于跨域, w3c的官方文档:https://www.w3.org/TR/cors/ 2.有时间再整理吧. <html> <head> <script src=&qu ...

  10. CodeForces 616C The Labyrinth

    先预处理出所有连通块,对于每一个*,看他四周的连通块即可 #include<cstdio> #include<cstring> #include<queue> #i ...