Wireshark 用户指南(3.1.0)
目 录
Preface 序
-
1. Foreword 前言
2. Who should read this document? 谁适合读该文档?
3. Acknowledgements 致谢
4. About this document 关于本文档
5. Where to get the latest copy of this document? 哪里获取本文档最新副版
6. Providing feedback about this document 反馈
7. Typographic Conventions 版式约定
1. Introduction 简介
1.1. What is Wireshark? 什么是Wireshark
- 1.1.1. Some intended purposes 预期用途
- 1.1.2. Features 特性
- 1.1.3. Live capture from many different network media 不同网络介质在线抓取
- 1.1.4. Import files from many other capture programs 导入抓包文件
- 1.1.5. Export files for many other capture programs 导出抓包文件
- 1.1.6. Many protocol dissectors 协议剥离
- 1.1.7. Open Source Software 打开软件
- 1.1.8. What Wireshark is not
1.2. System Requirements 系统要求
1.3. Where to get Wireshark 如何获取Wireshark
1.4. A brief history of Wireshark Wireshark简史
1.5. Development and maintenance of Wireshark Wireshark开发与运维
1.6. Reporting problems and getting help 上报问题并获得帮助
2. Building and Installing Wireshark 构建安装Wireshark
2.1. Introduction 简介
2.2. Obtaining the source and binary distributions 获取源码和二进制发行版
2.3. Installing Wireshark under Windows Windows安装Wireshark
- 2.3.1. Installation Components 安装组件
- 2.3.2. Additional Tasks 额外任务
- 2.3.3. Install Location 安装位置
- 2.3.4. Installing Npcap 安装Npcap
- 2.3.5. Windows installer command line options Windows安装命令行选项
- 2.3.6. Manual Npcap Installation 手动Npcap安装
- 2.3.7. Update Wireshark 升级Wireshark
- 2.3.8. Update Npcap 升级Npcap
- 2.3.9. Uninstall Wireshark 协助Wireshark
- 2.3.10. Uninstall Npcap 协助Npcap
2.4. Installing Wireshark under macOS macOS安装Wireshark
2.5. Building Wireshark from source under UNIX UNIX源码安装Wireshark
2.6. Installing the binaries under UNIX UNIX二进制安装Wireshark
- 2.6.1. Installing from RPMs under Red Hat and alike 红帽环境下RPM安装
- 2.6.2. Installing from debs under Debian, Ubuntu and other Debian derivatives Debian等环境deb安装
- 2.6.3. Installing from portage under Gentoo Linux GentooLinux环境 portage安装
- 2.6.4. Installing from packages under FreeBSD FreeBSD环境安装包安装
2.7. Troubleshooting during the build and install on Unix Unix构建安装问题快照
2.8. Building from source under Windows Windows下源码安装
3. User Interface 用户界面
3.1. Introduction 简介
3.2. Start Wireshark 启动Wireshark
3.3. The Main window 主界面
3.4. The Menu 菜单
3.5. The “File” menu 菜单-文件
3.6. The “Edit” Menu 菜单-编辑
3.7. The “View” Menu 菜单-视图
3.8. The “Go” Menu 菜单-跳转
3.9. The “Capture” menu 菜单-捕获
3.10. The “Analyze” Menu 菜单-分析
3.11. The “Statistics” Menu 菜单-统计
3.12. The “Telephony” Menu 菜单-电话
3.13. The “Tools” Menu 菜单-工具
3.14. The “Help” Menu 菜单-帮助
3.15. The “Main” Toolbar 工具栏-常规工具
3.16. The “Filter” Toolbar 工具栏-过滤
3.17. The “Packet List” Pane 面板-报文列表
3.18. The “Packet Details” Pane 面板-报文详情
3.19. The “Packet Bytes” Pane 面板-报文字节
3.20. The Statusbar 状态栏
4. Capturing Live Network Data 捕获在线网络数据
4.1. Introduction 简介
4.2. Prerequisites 前提条件
4.3. Start Capturing 开始捕获
4.4. The “Capture Interfaces” dialog box 捕获界面对话框
4.5. The “Capture Options” dialog box 捕获设置对话框
4.6. The “Edit Interface Settings” dialog box 编辑界面设置对话框
4.7. The “Compile Results” dialog box 编译结果对话框
4.8. The “Add New Interfaces” dialog box 增加新接口对话框
- 4.8.1. Add or remove pipes 新增/删除?
- 4.8.2. Add or hide local interfaces 新增/隐藏本地接口
- 4.8.3. Add or hide remote interfaces 新增/隐藏远方接口
4.9. The “Remote Capture Interfaces” dialog box 远程捕获接口对话框
4.10. The “Interface Details” dialog box 接口详情对话框
4.11. Capture files and file modes 捕获文件及文件模式
4.12. Link-layer header type 链接层头类型
4.13. Filtering while capturing 抓包时过滤
4.14. While a Capture is running … 抓包过程中
5. File Input, Output, and Printing 文件输入、输出、打印
5.1. Introduction 简介
5.2. Open capture files 打开抓包文件
5.3. Saving captured packets 保存抓包
5.4. Merging capture files 合并抓包
5.5. Import hex dump 导入 hex dump
5.6. File Sets 文件设置
5.7. Exporting data 导出数据
- 5.7.1. The “Export as Plain Text File” dialog box
- 5.7.2. The “Export as PostScript File” dialog box
- 5.7.3. The “Export as CSV (Comma Separated Values) File” dialog box
- 5.7.4. The “Export as C Arrays (packet bytes) file” dialog box
- 5.7.5. The “Export as PSML File” dialog box
- 5.7.6. The “Export as PDML File” dialog box
- 5.7.7. The “Export selected packet bytes” dialog box
- 5.7.8. The “Export Objects” dialog box
