目 录

Preface 

1. Foreword 前言

2. Who should read this document? 谁适合读该文档?

3. Acknowledgements 致谢

4. About this document 关于本文档

5. Where to get the latest copy of this document? 哪里获取本文档最新副版

6. Providing feedback about this document 反馈

7. Typographic Conventions 版式约定

7.1. Admonitions 期望
7.2. Shell Prompt and Source Code Examples 源码案例

1. Introduction 简介

1.1. What is Wireshark? 什么是Wireshark

1.1.1. Some intended purposes 预期用途
1.1.2. Features  特性
1.1.3. Live capture from many different network media  不同网络介质在线抓取
1.1.4. Import files from many other capture programs  导入抓包文件
1.1.5. Export files for many other capture programs  导出抓包文件
1.1.6. Many protocol dissectors 协议剥离
1.1.7. Open Source Software  打开软件
1.1.8. What Wireshark is not

1.2. System Requirements  系统要求

1.2.1. Microsoft Windows
1.2.2. UNIX / Linux

1.3. Where to get Wireshark  如何获取Wireshark

1.4. A brief history of Wireshark  Wireshark简史

1.5. Development and maintenance of Wireshark  Wireshark开发与运维

1.6. Reporting problems and getting help  上报问题并获得帮助

1.6.1. Website
1.6.2. Wiki
1.6.3. Q&A Site
1.6.4. FAQ
1.6.5. Mailing Lists
1.6.6. Reporting Problems
1.6.7. Reporting Crashes on UNIX/Linux platforms
1.6.8. Reporting Crashes on Windows platforms

2. Building and Installing Wireshark  构建安装Wireshark

2.1. Introduction  简介

2.2. Obtaining the source and binary distributions  获取源码和二进制发行版

2.3. Installing Wireshark under Windows  Windows安装Wireshark

2.3.1. Installation Components  安装组件
2.3.2. Additional Tasks 额外任务
2.3.3. Install Location 安装位置
2.3.4. Installing Npcap 安装Npcap
2.3.5. Windows installer command line options  Windows安装命令行选项
2.3.6. Manual Npcap Installation 手动Npcap安装
2.3.7. Update Wireshark 升级Wireshark
2.3.8. Update Npcap 升级Npcap
2.3.9. Uninstall Wireshark 协助Wireshark
2.3.10. Uninstall Npcap 协助Npcap

2.4. Installing Wireshark under macOS  macOS安装Wireshark

2.5. Building Wireshark from source under UNIX  UNIX源码安装Wireshark

2.6. Installing the binaries under UNIX  UNIX二进制安装Wireshark

2.6.1. Installing from RPMs under Red Hat and alike   红帽环境下RPM安装
2.6.2. Installing from debs under Debian, Ubuntu and other Debian derivatives  Debian等环境deb安装
2.6.3. Installing from portage under Gentoo Linux  GentooLinux环境 portage安装
2.6.4. Installing from packages under FreeBSD  FreeBSD环境安装包安装

2.7. Troubleshooting during the build and install on Unix   Unix构建安装问题快照

2.8. Building from source under Windows Windows下源码安装

3. User Interface   用户界面

3.1. Introduction  简介

3.2. Start Wireshark  启动Wireshark

3.3. The Main window 主界面

3.3.1. Main Window Navigation  主界面导航

3.4. The Menu  菜单

3.5. The “File” menu   菜单-文件

3.6. The “Edit” Menu   菜单-编辑

3.7. The “View” Menu   菜单-视图

3.8. The “Go” Menu  菜单-跳转

3.9. The “Capture” menu  菜单-捕获

3.10. The “Analyze” Menu  菜单-分析

3.11. The “Statistics” Menu  菜单-统计

3.12. The “Telephony” Menu  菜单-电话

3.13. The “Tools” Menu  菜单-工具

3.14. The “Help” Menu  菜单-帮助

3.15. The “Main” Toolbar  工具栏-常规工具

3.16. The “Filter” Toolbar  工具栏-过滤

3.17. The “Packet List” Pane  面板-报文列表

3.18. The “Packet Details” Pane    面板-报文详情

3.19. The “Packet Bytes” Pane   面板-报文字节

3.20. The Statusbar  状态栏

4. Capturing Live Network Data  捕获在线网络数据

4.1. Introduction  简介

4.2. Prerequisites   前提条件

4.3. Start Capturing  开始捕获

4.4. The “Capture Interfaces” dialog box  捕获界面对话框

4.5. The “Capture Options” dialog box  捕获设置对话框

4.5.1. Capture frame  捕获
4.5.2. Capture File(s) frame  捕获文件
4.5.3. Stop Capture…​ frame  停止捕获
4.5.4. Display Options frame 显示设置
4.5.5. Name Resolution frame 域名解析
4.5.6. Buttons  按钮

4.6. The “Edit Interface Settings” dialog box  编辑界面设置对话框

4.7. The “Compile Results” dialog box  编译结果对话框

4.8. The “Add New Interfaces” dialog box  增加新接口对话框

4.8.1. Add or remove pipes 新增/删除?
4.8.2. Add or hide local interfaces 新增/隐藏本地接口
4.8.3. Add or hide remote interfaces  新增/隐藏远方接口

4.9. The “Remote Capture Interfaces” dialog box  远程捕获接口对话框

4.9.1. Remote Capture Interfaces  远程捕获接口
4.9.2. Remote Capture Settings  远程捕获设置

4.10. The “Interface Details” dialog box  接口详情对话框

4.11. Capture files and file modes  捕获文件及文件模式

4.12. Link-layer header type  链接层头类型

4.13. Filtering while capturing  抓包时过滤

4.13.1. Automatic Remote Traffic Filtering 自动化远程过滤

4.14. While a Capture is running …​   抓包过程中

4.14.1. Stop the running capture  停止抓包
4.14.2. Restart a running capture  重新抓包

5. File Input, Output, and Printing 文件输入、输出、打印

5.1. Introduction  简介

5.2. Open capture files   打开抓包文件

5.2.1. The “Open Capture File” dialog box
5.2.2. Input File Formats

5.3. Saving captured packets  保存抓包

5.3.1. The “Save Capture File As” dialog box
5.3.2. Output File Formats

5.4. Merging capture files  合并抓包

5.4.1. The “Merge with Capture File” dialog box

5.5. Import hex dump 导入 hex dump

5.5.1. The “Import from Hex Dump” dialog box

5.6. File Sets  文件设置

5.6.1. The “List Files” dialog box

5.7. Exporting data  导出数据

5.7.1. The “Export as Plain Text File” dialog box
5.7.2. The “Export as PostScript File” dialog box
5.7.3. The “Export as CSV (Comma Separated Values) File” dialog box
5.7.4. The “Export as C Arrays (packet bytes) file” dialog box
5.7.5. The “Export as PSML File” dialog box
5.7.6. The “Export as PDML File” dialog box
5.7.7. The “Export selected packet bytes” dialog box
5.7.8. The “Export Objects” dialog box

5.8. Printing packets 打印包

5.8.1. The “Print” dialog box  打印对话框

5.9. The “Packet Range” frame   包范围?

5.10. The Packet Format frame   包模式?

6. Working With Captured Packets 抓包文件用途

6.1. Viewing Packets You Have Captured  查看抓包文件

6.2. Pop-up Menus  弹出式菜单

6.2.1. Pop-up Menu Of The “Packet List” Column Header  报文列表列标题弹出菜单
6.2.2. Pop-up Menu Of The “Packet List” Pane  报文列表面包弹出菜单
6.2.3. Pop-up Menu Of The “Packet Details” Pane  报文详情面板弹出菜单
6.2.4. Pop-up Menu Of The “Packet Bytes” Pane  报文字节面板弹出菜单

6.3. Filtering Packets While Viewing  显示过滤报文

6.4. Building Display Filter Expressions 创建显示过滤表达式

6.4.1. Display Filter Fields  显示过滤区
6.4.2. Comparing Values  对比值
6.4.3. Combining Expressions 组合表达式
6.4.4. Slice Operator 切片运算符
6.4.5. Membership Operator  隶属运算符
6.4.6. Functions 函数
6.4.7. A Common Mistake 常见错误
6.4.8. Sometimes Fields Change Names 字段改名

6.5. The “Filter Expression” Dialog Box  过滤表达式对话框

6.6. Defining And Saving Filters 定义及保存过滤器

6.7. Defining And Saving Filter Macros 定义及保存过滤常量

6.8. Finding Packets 查找包

6.8.1. The “Find Packet” Toolbar  查找包工具栏

6.9. Go To A Specific Packet 跳转到指定报文

6.9.1. The “Go Back” Command
6.9.2. The “Go Forward” Command
6.9.3. The “Go to Packet” Toolbar
6.9.4. The “Go to Corresponding Packet” Command
6.9.5. The “Go to First Packet” Command
6.9.6. The “Go to Last Packet” Command

6.10. Marking Packets 标记报文

6.11. Ignoring Packets 忽略报文

6.12. Time Display Formats And Time References 显示样式及时间参考

6.12.1. Packet Time Referencing  报文时间参考

7. Advanced Topics  高级应用

7.1. Introduction

7.2. Following Protocol Streams

7.3. Show Packet Bytes

7.4. Expert Information

7.4.1. Expert Info Entries
7.4.2. “Expert Info” dialog
7.4.3. “Colorized” Protocol Details Tree
7.4.4. “Expert” Packet List Column (optional)

7.5. TCP Analysis

7.6. Time Stamps

7.6.1. Wireshark internals
7.6.2. Capture file formats
7.6.3. Accuracy

7.7. Time Zones

7.7.1. Set your computer’s time correctly!
7.7.2. Wireshark and Time Zones

7.8. Packet Reassembly

7.8.1. What is it?
7.8.2. How Wireshark handles it
7.8.3. TCP Reassembly

7.9. Name Resolution

7.9.1. Name Resolution drawbacks
7.9.2. Ethernet name resolution (MAC layer)
7.9.3. IP name resolution (network layer)
7.9.4. TCP/UDP port name resolution (transport layer)
7.9.5. VLAN ID resolution
7.9.6. SS7 point code resolution

7.10. Checksums

7.10.1. Wireshark checksum validation
7.10.2. Checksum offloading

8. Statistics 统计

8.1. Introduction

8.2. The “Capture File Properties” Window

8.3. Resolved Addresses

8.4. The “Protocol Hierarchy” Window

8.5. Conversations

8.5.1. The “Conversations” Window

8.6. Endpoints

8.6.1. The “Endpoints” Window

8.7. Packet Lengths

8.8. The “I/O Graph” Window

8.9. Service Response Time

8.9.1. The “Service Response Time DCE-RPC” Window

8.10. DHCP (BOOTP) Statistics

8.11. ONC-RPC Programs

8.12. 29West

8.13. ANCP

8.14. BACnet

8.15. Collectd

8.16. DNS

8.17. Flow Graph

8.18. HART-IP

8.19. HPFEEDS

8.20. HTTP Statistics

8.20.1. HTTP Packet Counter
8.20.2. HTTP Requests
8.20.3. HTTP Load Distribution
8.20.4. HTTP Request Sequences

8.21. HTTP2

8.22. Sametime

8.23. TCP Stream Graphs

8.24. UDP Multicast Graphs

8.25. F5

8.26. IPv4 Statistics

8.27. IPv6 Statistics

9. Telephony

9.1. Introduction

9.2. VoIP Calls

9.3. ANSI

9.4. GSM

9.5. IAX2 Stream Analysis

9.6. ISUP Messages

9.7. LTE

9.7.1. LTE MAC Traffic Statistics
9.7.2. LTE RLC Graph
9.7.3. LTE RLC Traffic Statistics

9.8. MTP3

9.9. Osmux

9.10. RTP Analysis

9.11. RTSP

9.12. SCTP

9.13. SMPP Operations

9.14. UCP Messages

9.15. H.225

9.16. SIP Flows

9.17. SIP Statistics

9.18. WAP-WSP Packet Counter

10. Wireless

10.1. Introduction

10.2. Bluetooth ATT Server Attributes

10.3. Bluetooth Devices

10.4. Bluetooth HCI Summary

10.5. WLAN Traffic

11. Customizing Wireshark

11.1. Introduction

11.2. Start Wireshark from the command line

11.3. Packet colorization

11.4. Control Protocol dissection

11.4.1. The “Enabled Protocols” dialog box
11.4.2. User Specified Decodes
11.4.3. Show User Specified Decodes

11.5. Preferences

11.5.1. Interface Options

11.6. Configuration Profiles

11.7. User Table

11.8. Display Filter Macros

11.9. ESS Category Attributes

11.10. MaxMind Database Paths

11.11. IKEv2 decryption table

11.12. Object Identifiers

11.13. PRES Users Context List

11.14. SCCP users Table

11.15. SMI (MIB and PIB) Modules

11.16. SMI (MIB and PIB) Paths

11.17. SNMP Enterprise Specific Trap Types

11.18. SNMP users Table

11.19. Tektronix K12xx/15 RF5 protocols Table

11.20. User DLTs protocol table

12. MATE

12.1. Introduction

12.2. Getting Started

12.3. MATE Manual

12.3.1. Introduction
12.3.2. Attribute Value Pairs
12.3.3. AVP lists
12.3.4. MATE Analysis
12.3.5. About MATE

12.4. MATE’s configuration tutorial

12.4.1. A Gop for DNS requests
12.4.2. A Gop for HTTP requests
12.4.3. Getting DNS and HTTP together into a Gog
12.4.4. Separating requests from multiple users
12.5. MATE configuration examples
12.5.1. TCP session
12.5.2. a Gog for a complete FTP session
12.5.3. using RADIUS to filter SMTP traffic of a specific user
12.5.4. H323 Calls
12.5.5. MMS
12.6. MATE’s configuration library
12.6.1. General use protocols
12.6.2. VoIP/Telephony
12.7. MATE’s reference manual
12.7.1. Attribute Value Pairs
12.7.2. Attribute/Value Pair List (AVPL)
12.8. Configuration AVPLs
12.8.1. Pdsu’s configuration actions
A. Wireshark Messages

Wireshark 用户指南(3.1.0)的更多相关文章

  1. 【Flume NG用户指南】(1)设置

    作者:周邦涛(Timen) Email:zhoubangtao@gmail.com 转载请注明出处:  http://blog.csdn.net/zhoubangtao/article/details ...

  2. 【翻译】Flume 1.8.0 User Guide(用户指南) Processors

    翻译自官网flume1.8用户指南,原文地址:Flume 1.8.0 User Guide 篇幅限制,分为以下5篇: [翻译]Flume 1.8.0 User Guide(用户指南) [翻译]Flum ...

  3. 【翻译】Flume 1.8.0 User Guide(用户指南) Channel

    翻译自官网flume1.8用户指南,原文地址:Flume 1.8.0 User Guide 篇幅限制,分为以下5篇: [翻译]Flume 1.8.0 User Guide(用户指南) [翻译]Flum ...

  4. 【翻译】Flume 1.8.0 User Guide(用户指南) Sink

    翻译自官网flume1.8用户指南,原文地址:Flume 1.8.0 User Guide 篇幅限制,分为以下5篇: [翻译]Flume 1.8.0 User Guide(用户指南) [翻译]Flum ...

  5. 【翻译】Flume 1.8.0 User Guide(用户指南) source

    翻译自官网flume1.8用户指南,原文地址:Flume 1.8.0 User Guide 篇幅限制,分为以下5篇: [翻译]Flume 1.8.0 User Guide(用户指南) [翻译]Flum ...

  6. 【翻译】Flume 1.8.0 User Guide(用户指南)

    翻译自官网flume1.8用户指南,原文地址:Flume 1.8.0 User Guide 篇幅限制,分为以下5篇: [翻译]Flume 1.8.0 User Guide(用户指南) [翻译]Flum ...

  7. Gradle2.0用户指南翻译——第一章. 介绍

    翻译项目请关注Github上的地址:https://github.com/msdx/gradledoc本文翻译所在分支:https://github.com/msdx/gradledoc/tree/2 ...

  8. scons用户指南翻译(附gcc/g++参数详解)

    scons用户指南 翻译 http://blog.csdn.net/andyelvis/article/category/948141 官网文档 http://www.scons.org/docume ...

  9. 阿里云 EDAS-HSF 用户指南

    阿里云 EDAS-HSF 用户指南 针对 EDAS v2.3.0©Alibaba EDAS 项目组2015/8/19 1 前言本文档旨在描述阿里云 EDAS 产品中应用服务化模块的基本概念,以及如何使 ...

随机推荐

  1. VBA switch语句

    当用户想要根据Expression的值执行一组语句时,使用Switch Case语句. 每个值被称为一个”情况”,并根据每种情况变量接通测试.如果测试表达式与用户指定的任何Case不匹配,则执行Cas ...

  2. jquery sortable的拖动方法示例详解1

    转自:https://www.jb51.net/article/45803.htm 所有的事件回调函数都有两个参数:event和ui,浏览器自有event对象,和经过封装的ui对象 ui.helper ...

  3. 【Mybatis】缓存

    一.概述 1.1 缓存的意义 1.2 mybatis持久层缓存 二.一级缓存 2.1 原理 2.2 一级缓存配置 一级缓存测试 三.二级缓存 3.1 原理 3.2 mybatis二级缓存配置 3.3 ...

  4. 利用EasyUI 数据网格(DataGrid)的loader属性实现后端分页

    该属性在easyui官方文档中并没有详细阐述,通过简单的资料查询和摸索,实现了easyUI数据网格的后端分页功能. 在官网文档中这样阐述loader属性: 定义如何从远程服务器加载数据.返回false ...

  5. Android笔记(十八) 下拉列表(Spinner)

    App中常用的控件——下拉列表(Spinner),提供特定选择供用户选择 Spinner每次只能选择一个部件,它的选项来自于与之相关联的适配器(apater)中. MainActivity.java ...

  6. Hadoop读写mysql

    需求 两张表,一张click表记录某广告某一天的点击量,另一张total_click表记录某广告的总点击量 建表 CREATE TABLE `click` ( `id` ) NOT NULL AUTO ...

  7. FPGA学习笔记之按键控制

    参考: [黑金原创教程][FPGA那些事儿-驱动篇I ]实验二:按键模块① - 消抖 源码如下: key_funcmod.v module key_funcmod(clk, rst, key, led ...

  8. 【OF框架】新建库表及对应实体,并实现简单的增删改查操作,封装操作标准WebApi

    准备 搭建好项目框架及数据库,了解框架规范. 1.数据库表和实体一一对应,表名实体名名字相同,用小写,下划线连接.字段名用驼峰命名法,首字母大写. 2.实体放在Entities目录下,继承Entity ...

  9. java相关网址汇总(myself)

    jar包下载网址 https://www.mvnjar.com/ 或者 https://mvnrepository.com/ 或者 http://www.java2s.com/Open-Source/ ...

  10. [终章]进阶20-流程控制结构--if/case/while结构 - 三个while的存储过程案例(批量生成表单数据) - 随机长度的随机字符串的存储过程案例

    . mysql 存储过程中尽量使用 @变量 而不用局部变量, @变量不容易报错!权限小,更改一下就报错! . sql中判断相等'=' ,用'=' 不用'=='. . #流程控制结构 /* 顺序结构: ...