Certainly! Here’s a rewritten version of the content:**Abstract:** Original source www.bysocket.com Mason BYSocket. Please retain this abstract if you wish to republish, thank you! The focus of the text is on packet capturing.
“snow warn throughout the winter”
Simply put, Wireshark is a packet capturing tool. The official site says, “Wireshark is a network packet analysis tool. A network packet analyzer tries to capture network packets and tries to display that packet as detailed as possible.”
I recommend a book titled “Wireshark Network Analysis Made Simple,” and the download link for the Wireshark tool is https://www.wireshark.org/download.html.
Wireshark not only captures packets, its main features involve various analyses of data packets. The download and opening interface is very simple and intuitive:
The top is the Packet List window, which lists all network packets.
The selected network packet in the Packet List is displayed in detail in the middle Packet Details window.
The bottom is the Packet Bytes Details window (hexadecimal data), which we generally do not use.
TCP looks bewildered. I remember learning in “” that HTTP is a standard TCP request and response protocol between a client and a server. In fact, it is built on TCP. Let’s capture HTTP; this is very simple.
Select Capture – Options, select the current network, and click Start. As shown:
Then open my blog www.bysocket.com in the browser, and then enter the blog IP filter in the Wireshark filter: ip.addr == 106.14.40.18
Select the first line, as shown in the first figure, to briefly introduce the Packet Details window parameter details:
Frame – Physical LayerEthernet – Data Link LayerInternet Protocol Version – Network LayerTransmission Control Protocol – Transport Layer
As you know, the network is divided into the standard OSI seven-layer model, as well as the TCP/IP four-layer protocol and TCP/IP five-layer protocol. As shown:
The Transmission Control Protocol – Transport Layer is what we are most concerned about. The diagram is already expanded: