Wireshark is a very popular network packet analysis software. It is very powerful. It can intercept various network packets and display detailed information of network packets. Many friends may not know how to capture packets with wireshark. For this reason, the editor has brought you wireshark capture. Package tutorial, if you don’t know it, let’s take a look!
How to capture packets with wireshark
1. First open the wireshark network analyzer. The main interface is as follows;
2. Click the capture network interface card selection button and select the network card interface that needs to be captured. ; If you are not sure which network interface it is, you can look at the interface with the most changed packet data, select it and click "start" to start capturing packets;
3. If special configuration is required, you need First perform the configuration operation of packet capture money, click the configuration operation button on the way to enter the packet capture configuration operation interface, and perform the corresponding configuration; after the configuration is completed, click "start" to start packet capture;
4. After wireshark is started, wireshark is in the packet capture state;
5. Perform operations that require packet capture, such as ping www.baidu.com;
6. After the operation is completed, the relevant data packets will be captured Got it. To prevent other useless data packets from affecting the analysis, you can filter the data packet list by setting filter conditions in the filter column. The results obtained are as follows. Note: ip.addr == 119.75.217.26 and icmp means that only the data packets of the ICPM protocol and the source host IP or destination host IP are 119.75.217.26 are displayed;
7. If the data packets are not captured, If you want the data packet, click the re-capture button; or after capturing the data packet you need, you can click the red stop button;
8. In the data packet list area Different protocols use different colors. The protocol color identification is located in the menu bar View - Coloring Rules, as shown below.
The above is the detailed content of How to capture packets in 'wireshark'. For more information, please follow other related articles on the PHP Chinese website!