Use Wireshark to capture loopback traffic without a loopback adapter

If you’ve ever used Wireshark for debugging applications you may have noticed that it only seems to pick up traffic that is actually transmitted over the wire and ignores all traffic sent to your local ip address or localhost. If you want to watch this traffic without having to install a special loopback adapter you can use the following trick.

How to force local traffic to your default gateway
1) Open a command prompt (Run as Administrator for Vista/7)
2) Type ipconfig/all (note your local ip address(es) and default gateway)
3) Type “route add <your ip address> mask 255.255.255.255 <default gateway IP address> metric 1″

This instructs windows to send any requests for your local ip address to your default gateway, which will in turn forward the request back to your machine. Be aware that this route will disappear once you restart your machine unless you include the -p switch after the route command. You may also notice an echo effect if you’re using Wireshark because you see each request and response twice. You can remove this problem by applying the following filter at the top.

ip.src==<default gateway> or ip.dst==<default gateway>

Consider the default gateway as a client trying to reach your machine and all traffic sent to the default gateway as your machine’s response.

To remove the route, type “route delete <the ip address you entered>”.

If you have an application running locally that uses localhost, you can map localhost to the IP address you added a route for. Just don’t forget you mapped localhost to a different IP than 127.0.0.1!

How to map localhost
1) Open notepad (Run as Administrator in Vista/7)
2) Navigate to C:\Windows\System32\drivers\etc\ and open the hosts file (there’s no extension).
3) Add this entry “<the IP address you added a route for> localhost”. Note that the space between the ip address and localhost is a tab.

Now, when your machine tries to send something to localhost, it will resolve to the IP address you added a route for and send its traffic to your default gateway.

(Important!) Remember to unblock the port used for incoming traffic on your machine. Also, if you find that an application you’re using doesn’t seem to send out traffic the way you expect, try flushing the dns cache with ipconfig/flushdns.

转自:http://blog.sina.com.cn/s/blog_53d3653e0100t2kq.html

 

Use Wireshark to capture loopback traffic without a loopback adapter (转)的更多相关文章

  1. Cannot capture jmeter traffic in fiddler

    Cannot capture jmeter traffic in fiddler First, change Fiddler's port back to 8888 as it was origina ...

  2. WireShark Flow capture analysis

    Wiresharkl流量分析 1.图示是对WiFi数据接口的80号端口进行数据捕获,设置混杂模式 过滤表达式设置: IP地址设置过滤   ip.src==191.168.1.102    ip.dst ...

  3. 使用开源的工具解析erspan流量

    Decapsulation ERSPAN Traffic With Open Source Tools Posted on May 3, 2015 by Radovan BrezulaUpdated ...

  4. wireshark, loopback

    swapondd if=/dev/zero of=/data/mnt/swap bs=1024 count=8024000 sudo apt-get install wireshark sudo gr ...

  5. How To: Capture Android & iOS Traffic with Fiddler

    How To: Capture iOS Traffic with Fiddlerhttps://www.telerik.com/blogs/how-to-capture-ios-traffic-wit ...

  6. wireshark & fiddler

    wireshark display filterhttps://www.wireshark.org/docs/wsug_html_chunked/ChWorkBuildDisplayFilterSec ...

  7. how to use fiddler and wireshark to decrypt ssl

    原文地址: http://security14.blogspot.jp/2010/07/how-to-use-fiddler-and-wireshark-to.html Requirements2 C ...

  8. Ubuntu下用wireshark抓取802.11封包并进行过滤分析

    要用wireshark抓802.11的包 需要在linux下进行. 要在linux下抓802.11的包 需要在linux下安装无线网卡驱动. 所以 在正式抓取之前先把这两样东西搞起来. *没有特殊说明 ...

  9. 新版本wireshark tshark使用

    Wireshark-tshark wireshark 指令模式 => tshark Windows 及Linux 可至安裝目錄執行>tshark tshark.exe -i 7(利用-D找 ...

随机推荐

  1. JspWriter与PrintWriter的关系

    一.JspWriter与PrintWriter的关系: 1.都是继承自java.io.Writer类. JspWriter可以在JSP页面中直接用out对象输出.可以用pageContext.getO ...

  2. PAT (Advanced Level) 1104. Sum of Number Segments (20)

    简单题. #include<cstdio> #include<cstring> #include<cmath> #include<vector> #in ...

  3. USACO Section 1.3 Ski Course Design 解题报告

    题目 题目描述 有N座山,每座山都有一个高度,现在由于农夫想避税,所以想把这些山的高度进行一些改变,使得最高的山与最低的山之间的高度差不超过17.每座山最多只能改变一次高度,每次改变高度都会产生一定的 ...

  4. 《云阅》一个仿网易云音乐UI,使用Gank.Io及豆瓣Api开发的开源项目

    CloudReader 一款基于网易云音乐UI,使用GankIo及豆瓣api开发的符合Google Material Desgin阅读类的开源项目.项目采取的是Retrofit + RxJava + ...

  5. s5pv210 AD转换

    1:ADC:Analog-to-Digital Converter,模拟信号转数字信号,自然界一般为模拟信号,而SoC需要数字信号,所以之间通信需要ADC. 2:转换原理: 以逐次逼近式AD转换为例: ...

  6. Entity Framework 学习初级篇3-- LINQ TO Entities

    LINQ 技术(即 LINQ to Entities)使开发人员能够通过使用 LINQ 表达式和 LINQ 标准查询运算符,直接从开发环境中针对 实体框架对象上下文创建灵活的强类型查询.LINQ to ...

  7. angula组件-通过键盘实现多选(原创)

    在刚刚结束的angular交易系统项目中有几个需求是让我感觉要花点时间的 如何更优雅的使用angular-bootstrap 的 Modal框. 通过键盘实现ctrl多选,shfit批量选的功能. 如 ...

  8. Web爬去的C#请求发送

    public class HttpControler { //post请求发送 private Encoding m_Encoding = Encoding.GetEncoding("gb2 ...

  9. 前端复制功能的若干 -- document.execCommand()

    最近涨停科技公司实习,由于backend基础太弱...强行前端了一把..搞了两周才搞下页面里copy的功能,期间有些琐碎,恐忘,记录在此. 目前copy主流有四种方式:ZeroClipboard,Cl ...

  10. MyEclipse10.7使用egit托管项目到GitHub

    原文出处:http://www.xuebuyuan.com/2126438.html 1.注册一个github账户:(www.github.com)点击打开链接 注册完成后,登录github后点击右上 ...