This article is a quick and easy HowTo detailing the use of Wireshark or another network sniffing program to debug your Apache .htaccess or httpd.conf files.

First, some shell-based tools that print the HTTP headers for a URL.

wget -S --spider URL
lynx -head -dump URL
curl -I URL
HEAD URL
GET -de URL
w3m -dump_head URL
siege -g URL


Set your capture filter to tcp port 80 and then start capturing. Use any of the following display filters to view the data you want.

Display Filters

HTTP Display Filter Options

  • http.accept String Accept
  • http.accept_encoding String Accept Encoding
  • http.accept_language String Accept-Language
  • http.authbasic String Credentials
  • http.authorization String Authorization
  • http.cache_control String Cache-Control
  • http.connection String Connection
  • http.content_encoding String Content-Encoding
  • http.content_length Unsigned 32-bit integer Content-Length
  • http.content_type String Content-Type
  • http.cookie String Cookie
  • http.date String Date
  • http.host String Host
  • http.last_modified String Last-Modified
  • http.location String Location
  • http.notification Boolean Notification
  • http.proxy_authenticate String Proxy-Authenticate
  • http.proxy_authorization String Proxy-Authorization
  • http.referer String Referer
  • http.request Boolean Request
  • http.request.method String Request Method
  • http.request.uri String Request URI
  • http.request.version String Request Version
  • http.response Boolean Response
  • http.response.code Unsigned 16-bit integer Response Code
  • http.server String Server
  • http.set_cookie String Set-Cookie
  • http.transfer_encoding String Transfer-Encoding
  • http.user_agent String User-Agent
  • http.www_authenticate String WWW-Authenticate
  • http.x_forwarded_for String X-Forwarded-For

View all HTTP traffic

http

View all flash video stuff

http.request.uri contains "flv" or http.request.uri contains "swf" or http.content_type contains "flash" or http.content_type contains "video"

Show non-google cache-control

http.cache_control != "private, x-gzip-ok=\"\""

or

(((((http.cache_control != "private, x-gzip-ok=\"\"") && !(http.cache_control == "no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private")) && !(http.cache_control == "max-age=0, no-store")) && !(http.cache_control == "private")) && !(http.cache_control == "no-cache")) && !(http.cache_control == "no-transform")

Show only certain responses

#404: page not found
http.response.code == 404
 
#200: OK
http.response.code == 200

Show only certain HTTP methods

http.request.method == "POST" || http.request.method == "PUT"

Show only filetypes that begin with "text"

http.content_type[0:4] == "text"

Show only javascript

http.content_type contains "javascript"

Show all http with content-type="image/(gif|jpeg|png|etc)"

http.content_type[0:5] == "image"

Show all http with content-type="image/gif"

http.content_type == "image/gif"

Do not show HTTP content, only headers

http.response !=0 || http.request.method != "TRACE"

Setting HTTP Preferences

Reassemble HTTP headers spanning multiple TCP segments:

When this preference is enabled, the HTTP dissector will reassemble the HTTP header if it has been transmitted over more than one TCP segment. Although it is unusual for headers to span multiple segments, it's not impossible, and this should be checked if you expect to view the contents of the HTTP conversation.

Reassemble HTTP bodies spanning multiple TCP segments:

When this preference is enabled, the HTTP dissector will reassemble the HTTP body if it has been transmitted over more than one TCP segment. All but the smallest of responses will span multiple segments, so this preference should be checked if you expect to view the contents of the HTTP conversation. See TCP Reassembly for an example of how to use this to extract JPEG images from a capture.

Reassemble chunked transfer-coded bodies:

When this preference is enabled, any chunked transfer-coded response spanning multiple segments will be decoded and the payload (the body of the response) will be added to the protocol tree. This happens automatically for single-segment responses.

Uncompress entity bodies:

Enable this preference if gzip or deflate encoded (compressed) HTTP entities should be decoded. This allows the visualisation of the compressed data, and possibly the dissection of it.
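
What the last two preferences do to a response body, as an added example (not Wireshark's code and not part of the original article): Python code that removes the chunked transfer-coding and then the gzip or deflate content-coding from one complete response. The sample response is constructed, and the function names are hypothetical.

```python
import gzip
import zlib

def dechunk(body: bytes) -> bytes:
    """Decode an HTTP/1.1 chunked transfer-coded body."""
    out, pos = bytearray(), 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol < 0:
            raise ValueError("truncated chunk-size line")
        # Chunk size is hexadecimal; anything after ';' is a chunk extension.
        size = int(body[pos:eol].split(b";", 1)[0].strip(), 16)
        pos = eol + 2
        if size == 0:  # last-chunk reached; trailers (if any) are ignored here
            return bytes(out)
        chunk = body[pos:pos + size]
        if len(chunk) != size or body[pos + size:pos + size + 2] != b"\r\n":
            raise ValueError("truncated or malformed chunk")
        out += chunk
        pos += size + 2

def decode_response(raw: bytes):
    """Return (status, headers, decoded_body) for one complete raw response."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    # The transfer-coding is removed first, then the content-coding.
    if "chunked" in headers.get("transfer-encoding", "").lower():
        body = dechunk(body)
    encoding = headers.get("content-encoding", "").lower()
    if encoding in ("gzip", "x-gzip"):
        body = gzip.decompress(body)
    elif encoding == "deflate":
        body = zlib.decompress(body)  # assumes the zlib-wrapped form
    return status, headers, body

def build_sample() -> bytes:
    """Constructed sample: a gzip-compressed page sent as two chunks."""
    gz = gzip.compress(b"<h1>It works!</h1>\n")
    chunked = b"".join(b"%x\r\n%s\r\n" % (len(p), p) for p in (gz[:10], gz[10:]))
    return (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
            b"Content-Encoding: gzip\r\nTransfer-Encoding: chunked\r\n\r\n"
            + chunked + b"0\r\n\r\n")

if __name__ == "__main__":
    print(decode_response(build_sample()))
```

With both preferences off, a capture shows only the raw bytes that `build_sample()` produces after the blank line; with them on, the protocol tree carries the decoded body.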
