In actual development, there are various aspects involving network transmission. During these processes, we often need to view the data being transmitted. As a result, packet capture tools have emerged. Wireshark is a widely known packet capture and analysis software with robust protocol analysis capabilities. This article will explain how to install the Wireshark packet capture tool on a Linux system, using CentOS7 as an example, focusing on Linux network analysis.
Since we will be using Alibaba’s yum source in China, you need to check whether your CentOS or other system has switched to a domestic mirror source. If not, you can refer to my article: .
After switching the yum source, we switch the user to admin using su.
When the command line prompts “Completed”, the installation is successful;
After entering the startup command, the Wireshark interface will automatically pop up.
Select the interface we need to capture, and click Start to capture data.
The colorful lines here are the data we captured.
The content displayed in each module of the interface from top to bottom is: display filter, packet list, packet details, hexadecimal data, address bar.
You can filter through the Filter, with options such as protocol, IP, port, http mode, etc.
Among them, the packet details are the panel we need to focus on, used to view each field in the protocol. The information in each line isFrame: Physical layer, showing data frame overview;Ethernet II: Data link layer, showing Ethernet frame header information;Internet Protocol Version 4: Network layer, here is the IP packet header information;User Datagram Protocol: Transport layer information, here is the UDP protocol;Hypertext Transfer Protocol: Application layer information, here is the HTTP protocol;
Damon, Chinese, Liu Guangzhi, Software development engineer, CSDN quality creator, Ali Cloud expert blogger, Microsoft Technology Associate, Good at C#, Java, PHP, Python, etc, Love sports, Workaholic, Communist.