背景:腾讯云容器,底层是Linux,容器跑的是一个网关服务,内部端口与对外端口都是9999
第一步:安装 tcpdump
apk add tcpdump
第二步:执行 ifconfig,查看网卡,我们网卡是 eth0
bash-4.3# ifconfig eth0 Link encap:Ethernet HWaddr 0A:58:C0:A8:04:EF inet addr:192.168.4.239 Bcast:0.0.0.0 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:765065 errors:0 dropped:0 overruns:0 frame:0 TX packets:446625 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:122931826 (117.2 MiB) TX bytes:45476457 (43.3 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
第三步:使用 tcpdump 监听发送到网关服务的请求(dst 表示从 nginx 转发到网关服务的请求,src 表示网关服务给 nginx 的响应)
tcpdump -i eth0 dst port 9999 -vvv -XX
其中:
-i:表示指定监听端口
-v:当分析和打印的时候,产生详细的输出
-vv:产生比-v更详细的输出
-vvv:产生比-vv更详细的输出
-XX:输出包的头部信息,会以16进制和ASCII两种方式同时输出,更详细
第四步:我本机请求网关服务的一个接口:https://my.gateway.com/project/timeeeee/unifiedRequest/release,在 tcpdump 的监听下可以看到相关信息输出
11:01:36.386035 IP (tos 0x68, ttl 56, id 27685, offset 0, flags [DF], proto TCP (6), length 546) 10.0.2.35.53897 > uip-gateway-698df9cbf5-696gl.9999: Flags [P.], cksum 0x19d2 (correct), seq 0:494, ack 1, win 229, options [nop,nop,TS val 2045383880 ecr 4157383336], length 494 0x0000: 0a58 c0a8 04ef 0a58 c0a8 0401 0800 4568 .X.....X......Eh 0x0010: 0222 6c25 4000 3806 028f 0a00 0223 c0a8 ."l%@.8......#.. 0x0020: 04ef d289 270f 6e10 78e5 6c07 937f 8018 ....'.n.x.l..... 0x0030: 00e5 19d2 0000 0101 080a 79ea 14c8 f7cc ..........y..... 0x0040: a2a8 504f 5354 202f 7569 702d 7061 6e67 ..POST./project 0x0050: 752f 7265 6775 6c61 722f 756e 6966 6965 /timeeeee/unifie 0x0060: 6452 6571 7565 7374 2f72 656c 6561 7365 dRequest/release 0x0070: 643f 7369 676e 3d51 5446 4651 304d 354f d?sign=QTFFQ0M5O 0x0080: 5467 7a4f 5455 774e 6a68 4251 7a4a 4751 TgzOTUwNjhBQzJGQ 0x0090: 6b55 7a52 454d 7a4e 4467 7a4e 304a 464d kUzREMzNDgzN0JFM 0x00a0: 7a41 2533 4426 696e 7465 7266 6163 6543 zA%3D&interfaceC 0x00b0: 6f64 653d 4730 3030 3139 2668 6f73 7069 ode=G00019&hospi 0x00c0: 7461 6c49 643d 3131 3138 3034 3139 3231 talId=1118041921 0x00d0: 3034 3132 3336 3131 3526 6170 7049 643d 041236115&appId= 0x00e0: 7a6a 3735 3436 3933 3665 7867 6762 7765 zj7546936exggbwe 0x00f0: 2674 696d 6573 7461 6d70 3d31 3538 3430 ×tamp=15840 0x0100: 3638 3439 3520 4854 5450 2f31 2e30 0d0a 68495.HTTP/1.0.. 0x0110: 486f 7374 3a20 7569 7061 7069 2e7a 776a Host:.uipapi.zwj 0x0120: 6b2e 636f 6d0d 0a58 2d52 6561 6c2d 4950 k.com..X-Real-IP 0x0130: 3a20 3138 332e 3132 392e 3235 342e 3136 :.183.129.254.16 0x0140: 320d 0a58 2d46 6f72 7761 7264 6564 2d46 2..X-Forwarded-F 0x0150: 6f72 3a20 3138 332e 3132 392e 3235 342e or:.183.129.254. 0x0160: 3136 320d 0a43 6f6e 6e65 6374 696f 6e3a 162..Connection: 0x0170: 2063 6c6f 7365 0d0a 436f 6e74 656e 742d .close..Content- 0x0180: 4c65 6e67 7468 3a20 3432 0d0a 4163 6365 Length:.42..Acce 0x0190: 7074 3a20 6170 706c 6963 6174 696f 6e2f pt:.application/ 0x01a0: 6a73 6f6e 2c20 6170 706c 6963 6174 696f json,.applicatio 0x01b0: 6e2f 2a2b 6a73 6f6e 0d0a 436f 6e74 656e n/*+json..Conten 0x01c0: 742d 5479 7065 3a20 6170 706c 6963 6174 t-Type:.applicat 0x01d0: 696f 6e2f 6a73 6f6e 3b63 6861 7273 6574 ion/json;charset 0x01e0: 3d55 5446 2d38 0d0a 5573 6572 2d41 6765 =UTF-8..User-Age 0x01f0: 6e74 3a20 4a61 7661 2f31 2e38 2e30 5f31 nt:.Java/1.8.0_1 0x0200: 3131 0d0a 0d0a 7b22 656e 6372 7970 7444 11....{"encryptD 0x0210: 6174 6122 3a22 6173 6534 4a65 2f77 334e ata":"ase4Je/w3N 0x0220: 734c 4354 436d 4836 5136 3367 3d3d 227d sLCTCmH6Q63g=="} 11:01:36.607608 IP (tos 0x0, ttl 62, id 22512, offset 0, flags [DF], proto TCP (6), length 60)