Easy way: Force all localhost traffic thru your network card.
If you run route print you would see something like this
Here 10.118.183.252 is my local ipv4 address. As you can see any request to that ipaddress is short circuited by the operating system. It doesn't go thru my network card. To see the local host traffic in wireshark you need to perform these two steps
1>Modify routes to send all traffic for local ip address thru your default gateway (in this case 10.118.183.253)
route delete 10.118.183.252
route ADD 10.118.183.252 MASK 255.255.255.255 10.118.183.253
(This change is temporary. These changes will be lost when you restart your machine. to make these chages persistent use route -p instead of route)
2>Instead of localhost use your local ipaddress in all urls.
There you are all set!
An Alternative way
1> Install microsoft loopback adapter.
2>Make sure you can ping loop back adapter by its static ip address. Otherwise further steps would fail.
After successfully completing this step, restart the machine.
2>Install Wireshark. (with winpcap, when prompted)
If wireshark is already installed, reinstall after restart. Otherwise Wireshark won't see this new network interface.
3>Install rawcap
4>Start rawcap by double clicking it. Select the Loop back adapter when prompted.
5>After you have captured all the traffic you need, stop rawcap by pressing ctrl+c.
6>Now doubleclick and open dumpfile.pcap.
I tested this for tomcat and IIS.
If you run route print you would see something like this
Here 10.118.183.252 is my local ipv4 address. As you can see any request to that ipaddress is short circuited by the operating system. It doesn't go thru my network card. To see the local host traffic in wireshark you need to perform these two steps
1>Modify routes to send all traffic for local ip address thru your default gateway (in this case 10.118.183.253)
route delete 10.118.183.252
route ADD 10.118.183.252 MASK 255.255.255.255 10.118.183.253
(This change is temporary. These changes will be lost when you restart your machine. to make these chages persistent use route -p instead of route)
2>Instead of localhost use your local ipaddress in all urls.
There you are all set!
An Alternative way
1> Install microsoft loopback adapter.
2>Make sure you can ping loop back adapter by its static ip address. Otherwise further steps would fail.
After successfully completing this step, restart the machine.
2>Install Wireshark. (with winpcap, when prompted)
If wireshark is already installed, reinstall after restart. Otherwise Wireshark won't see this new network interface.
3>Install rawcap
4>Start rawcap by double clicking it. Select the Loop back adapter when prompted.
5>After you have captured all the traffic you need, stop rawcap by pressing ctrl+c.
6>Now doubleclick and open dumpfile.pcap.
I tested this for tomcat and IIS.
No comments:
Post a Comment
Comments will appear once they have been approved by the moderator