Use Wireshark to capture loopback traffic without a loopback adapter

If you’ve ever used Wireshark for debugging applications you may have noticed that it only seems to pick up traffic that is actually transmitted over the wire and ignores all traffic sent to your local ip address or localhost. If you want to watch this traffic without having to install a special loopback adapter you can use the following trick.

How to force local traffic to your default gateway
1) Open a command prompt (Run as Administrator for Vista/7)
2) Type ipconfig/all (note your local ip address(es) and default gateway)
3) Type “route add <your ip address> mask 255.255.255.255 <default gateway IP address> metric 1″

This instructs windows to send any requests for your local ip address to your default gateway, which will in turn forward the request back to your machine. Be aware that this route will disappear once you restart your machine unless you include the -p switch after the route command. You may also notice an echo effect if you’re using Wireshark because you see each request and response twice. You can remove this problem by applying the following filter at the top.

ip.src==<default gateway> or ip.dst==<default gateway>

Consider the default gateway as a client trying to reach your machine and all traffic sent to the default gateway as your machine’s response.

To remove the route, type “route delete <the ip address you entered>”.

If you have an application running locally that uses localhost, you can map localhost to the IP address you added a route for. Just don’t forget you mapped localhost to a different IP than 127.0.0.1!

How to map localhost
1) Open notepad (Run as Administrator in Vista/7)
2) Navigate to C:\Windows\System32\drivers\etc\ and open the hosts file (there’s no extension).
3) Add this entry “<the IP address you added a route for> localhost”. Note that the space between the ip address and localhost is a tab.

Now, when your machine tries to send something to localhost, it will resolve to the IP address you added a route for and send its traffic to your default gateway.

(Important!) Remember to unblock the port used for incoming traffic on your machine. Also, if you find that an application you’re using doesn’t seem to send out traffic the way you expect, try flushing the dns cache with ipconfig/flushdns.

转自:http://blog.sina.com.cn/s/blog_53d3653e0100t2kq.html

 

Use Wireshark to capture loopback traffic without a loopback adapter (转)的更多相关文章

  1. Cannot capture jmeter traffic in fiddler

    Cannot capture jmeter traffic in fiddler First, change Fiddler's port back to 8888 as it was origina ...

  2. WireShark Flow capture analysis

    Wiresharkl流量分析 1.图示是对WiFi数据接口的80号端口进行数据捕获,设置混杂模式 过滤表达式设置: IP地址设置过滤   ip.src==191.168.1.102    ip.dst ...

  3. 使用开源的工具解析erspan流量

    Decapsulation ERSPAN Traffic With Open Source Tools Posted on May 3, 2015 by Radovan BrezulaUpdated ...

  4. wireshark, loopback

    swapondd if=/dev/zero of=/data/mnt/swap bs=1024 count=8024000 sudo apt-get install wireshark sudo gr ...

  5. How To: Capture Android & iOS Traffic with Fiddler

    How To: Capture iOS Traffic with Fiddlerhttps://www.telerik.com/blogs/how-to-capture-ios-traffic-wit ...

  6. wireshark & fiddler

    wireshark display filterhttps://www.wireshark.org/docs/wsug_html_chunked/ChWorkBuildDisplayFilterSec ...

  7. how to use fiddler and wireshark to decrypt ssl

    原文地址: http://security14.blogspot.jp/2010/07/how-to-use-fiddler-and-wireshark-to.html Requirements2 C ...

  8. Ubuntu下用wireshark抓取802.11封包并进行过滤分析

    要用wireshark抓802.11的包 需要在linux下进行. 要在linux下抓802.11的包 需要在linux下安装无线网卡驱动. 所以 在正式抓取之前先把这两样东西搞起来. *没有特殊说明 ...

  9. 新版本wireshark tshark使用

    Wireshark-tshark wireshark 指令模式 => tshark Windows 及Linux 可至安裝目錄執行>tshark tshark.exe -i 7(利用-D找 ...

随机推荐

  1. android studio没有浮现函数用法和属性说明?

    最近转用android studio,在使用eclipse和android studio时原本在鼠标停留处或智能提示能浮现文档相关内容,但我的是一直显示Fetching Documentation…… ...

  2. bundle export fail

    C:\eclipse\eclipse.exe -vmargs -Dfile.encoding=utf8

  3. script 两则

    script1: PATH=/usr/local/bin:/usr/bin:$PATH:. . $HOME/utility/macro/macro.env OVO_DIR=/tmp LOGFILE=$ ...

  4. ListView下拉刷新、上拉载入更多之封装改进

    在Android中ListView下拉刷新.上拉载入更多示例一文中,Maxwin兄给出的控件比较强大,前面有详细介绍,但是有个不足就是,里面使用了一些资源文件,包括图片,String,layout,这 ...

  5. (转)java判断string变量是否是数字的六种方法小结

    java判断string变量是否是数字的六种方法小结 (2012-10-17 17:00:17) 转载▼ 标签: it 分类: 转发 1.用JAVA自带的函数 public static boolea ...

  6. CodeForces 158C - Cd and pwd commands(模拟)

    这个题我们又把题意理解错了,队友翻译了以后给我解释,我问这个直接一个单词开头的是要找到这个文件夹吗,他说是,然后我就呵呵了..奔着树形结构去和字符串维护就去了...做了好久都没模拟出来,感觉做出来的人 ...

  7. 转:创建编码的WebTest

    创建编码的WebTest•通常,通过将现有的已记录Web测试转换为编码的Web测试来创建编码的Web测试.记录的Web测试以“Web测试编辑器”中可见的请求树开头.编码的Web测试是一个生成一系列We ...

  8. PowerDesigner中几个使用技巧

    一.主键自增 二.设置列的约束 三.修改Name和Code一起改变的选项 Tools = > Generator Options=>Dialog -> Name to Code mi ...

  9. 树列复选框Extjs

    <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding= ...

  10. php 内置的 webserver 研究。

    今天,试了一下通过 php5.4.45 内置的webserver , 在Windows XP 上面能够跑起公司的一个项目,完全无压力.哈哈,只要一个php 就可以,不需要 Apache , Nginx ...