Use Wireshark to capture loopback traffic without a loopback adapter

If you’ve ever used Wireshark to debug applications, you may have noticed that it only picks up traffic that is actually transmitted over the wire and ignores all traffic sent to your local IP address or localhost. If you want to watch this traffic without installing a special loopback adapter, you can use the following trick.

How to force local traffic to your default gateway
1) Open a command prompt (Run as Administrator for Vista/7)
2) Type ipconfig /all (note your local IP address(es) and default gateway)
3) Type “route add <your ip address> mask 255.255.255.255 <default gateway IP address> metric 1”

This instructs Windows to send any requests for your local IP address to your default gateway, which will in turn forward the request back to your machine. Be aware that this route will disappear once you restart your machine unless you include the -p switch after the route command. You may also notice an echo effect in Wireshark, because you see each request and response twice. You can remove this problem by applying the following filter at the top.

ip.src==<default gateway> or ip.dst==<default gateway>

Consider the default gateway as a client trying to reach your machine and all traffic sent to the default gateway as your machine’s response.

To remove the route, type “route delete <the ip address you entered>”.

If you have an application running locally that uses localhost, you can map localhost to the IP address you added a route for. Just don’t forget you mapped localhost to a different IP than 127.0.0.1!

How to map localhost
1) Open notepad (Run as Administrator in Vista/7)
2) Navigate to C:\Windows\System32\drivers\etc\ and open the hosts file (there’s no extension).
3) Add this entry “<the IP address you added a route for> localhost”. Note that the space between the IP address and localhost is a tab.

Now, when your machine tries to send something to localhost, it will resolve to the IP address you added a route for and send its traffic to your default gateway.

(Important!) Remember to unblock the port used for incoming traffic on your machine. Also, if you find that an application you’re using doesn’t seem to send out traffic the way you expect, try flushing the DNS cache with ipconfig /flushdns.
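
Both changes stay in place until you undo them (the route even survives a reboot if it was added with -p), and while they are active your local traffic crosses the network to the gateway. The following check is an added example, not part of the original post: it reads hosts-file text and `route print` output and reports a remapped localhost and any host route that sends one of the machine's own addresses to a gateway. The sample data, the addresses 192.168.1.50 and 192.168.1.1, and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: 192.168.1.50 = this machine, 192.168.1.1 = default gateway.
SAMPLE_HOSTS = "# hosts\n192.168.1.50\tlocalhost\n127.0.0.1\tdevbox.local\n"
SAMPLE_ROUTE_PRINT = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
        127.0.0.1  255.255.255.255         On-link        127.0.0.1    306
     192.168.1.50  255.255.255.255      192.168.1.1    192.168.1.50      2
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
     192.168.1.50  255.255.255.255      192.168.1.1       1
"""

def _ipv4(s):
    try:
        ipaddress.IPv4Address(s)
        return True
    except ValueError:
        return False

def remapped_localhost(hosts_text):
    """IPs other than loopback that the hosts file assigns to 'localhost'."""
    hits = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on tabs/spaces
        names = [n.lower() for n in fields[1:]]
        if "localhost" in names and fields[0] not in ("127.0.0.1", "::1"):
            hits.append(fields[0])
    return hits

def hairpin_routes(route_print_text):
    """(dest, gateway, persistent) for host routes sending a local address to a gateway."""
    rows, persistent = [], False
    for line in route_print_text.splitlines():
        if "Active Routes" in line or "Persistent Routes" in line:
            persistent = "Persistent" in line
        f = line.split()
        if len(f) >= 4 and _ipv4(f[0]) and _ipv4(f[1]):
            # Active rows carry an Interface column (our own address); persistent rows do not.
            iface = f[3] if len(f) == 5 and not persistent else None
            rows.append((f[0], f[1], f[2], iface, persistent))
    local = {r[3] for r in rows if r[3]}
    return [(d, gw, p) for d, m, gw, _, p in rows
            if m == "255.255.255.255" and d in local and _ipv4(gw)]

def cleanup_commands(routes):
    """The post's 'route delete <ip>' command, once per leftover destination."""
    return ["route delete " + d for d in sorted({d for d, _, _ in routes})]
```

On a real machine, pass in the contents of C:\Windows\System32\drivers\etc\hosts and the text printed by `route print` instead of the samples.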

Reposted from: http://blog.sina.com.cn/s/blog_53d3653e0100t2kq.html

 
