Wednesday, October 24, 2012

Using tshark to troubleshoot http

Here I give an example of how to use tshark, a command-line tool that is part of the Wireshark package, to monitor HTTP requests and responses.

On Windows, first identify the numbering of the NIC adapters, using the '-D' option:

C:\Program Files\Wireshark>tshark.exe -D
1. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
2. \Device\NPF_{2F15B435-C783-4863-90AC-C9DF8B64FBE1} (VMware Accelerated AMD PCNet Adapter)

OK, let's now look at HTTP traffic when loading the Twitter home page:
C:\Program Files\Wireshark>tshark -i 2 "tcp port 80" -R "http.request or http.response"
Capturing on VMware Accelerated AMD PCNet Adapter
0.005726 192.168.2.14 -> 199.59.150.39 HTTP 867 GET / HTTP/1.1
3.067846 192.168.2.14 -> 199.59.150.39 HTTP 867 [TCP Retransmission] GET / HTTP/1.1
4.577303 192.168.2.14 -> 184.169.78.33 HTTP 425 GET /a/1350941601/t1/css/t1_core_logged_out.bundle.css HTTP/1.1
4.578931 192.168.2.14 -> 184.169.78.33 HTTP 414 GET /a/1350941601/t1/css/t1_more.bundle.css HTTP/1.1
4.605371 199.59.150.39 -> 192.168.2.14 HTTP 279 HTTP/1.0 200 OK (text/html)
4.612847 184.169.78.33 -> 192.168.2.14 HTTP 615 HTTP/1.0 200 OK (text/html)
4.620900 184.169.78.33 -> 192.168.2.14 HTTP 593 HTTP/1.0 200 OK (text/html)
4.631572 192.168.2.14 -> 184.169.78.33 HTTP 414 GET /a/1350941601/images/bigger_spinner.gif HTTP/1.1
4.631683 192.168.2.14 -> 184.169.78.33 HTTP 426 GET /a/1350941601/t1/img/front_page/city-balcony@2x.jpg HTTP/1.1
4.634542 192.168.2.14 -> 184.169.78.33 HTTP 432 GET /c/swift/init.ef644480fe2a53578f7ce4eda13396e86b6fa74a.js HTTP/1.1
4.679344 184.169.78.33 -> 192.168.2.14 HTTP 60 HTTP/1.0 200 OK (GIF89a)
4.679459 184.169.78.33 -> 192.168.2.14 HTTP 60 HTTP/1.0 200 OK (GIF89a)
4.683034 184.169.78.33 -> 192.168.2.14 HTTP 629 HTTP/1.0 200 OK (text/html)
4.702673 192.168.2.14 -> 199.59.150.39 HTTP 529 GET /opensearch.xml HTTP/1.1
4.705784 199.59.150.39 -> 192.168.2.14 HTTP 417 HTTP/1.0 304 Not Modified
15 packets captured

The output above clearly shows the URLs of the HTML, image and CSS files that are downloaded from the server, and the associated HTTP response codes.

Note the use of the tshark '-R' option to specify a "display" filter that hides everything except the HTTP requests and responses, so that we can concentrate on what's happening at the HTTP level without distractions such as the TCP ACKs. You may also want to extend the capture filter to specify a particular host.
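To turn a capture like the one above into a per-server summary, the following is an added example (not part of the original post). The function names summarise_http and sample_capture are made up for illustration, the sample lines are copied from the capture above, and the script assumes the column layout shown there (time, source, ->, destination, protocol, length, info); other tshark versions may print different default columns.

```shell
#!/bin/sh
# Added example: summarise tshark's one-line HTTP output per server.
# Assumes the column layout shown in the post:
#   time  src  ->  dst  HTTP  length  info...

summarise_http() {
    awk '
    $3 != "->" || $5 != "HTTP" { next }   # skip banner and "N packets captured"
    $7 == "[TCP" && $8 == "Retransmission]" {
        rtx[$2 "->" $4]++                 # count resends per direction, and
        next                              # do not count them as new requests
    }
    $7 ~ /^HTTP\// {                      # response: "HTTP/1.0 200 OK (...)"
        status[$2 " " $8]++               # keyed by server (source) and code
        next
    }
    { req[$4]++ }                         # request: keyed by server (destination)
    END {
        for (h in req)    printf "requests %s %d\n", h, req[h]
        for (d in rtx)    printf "retransmitted %s %d\n", d, rtx[d]
        for (k in status) printf "status %s %d\n", k, status[k]
    }' | LC_ALL=C sort
}

# Sample input: six lines taken from the capture shown in the post.
sample_capture() {
    cat <<'EOF'
Capturing on VMware Accelerated AMD PCNet Adapter
0.005726 192.168.2.14 -> 199.59.150.39 HTTP 867 GET / HTTP/1.1
3.067846 192.168.2.14 -> 199.59.150.39 HTTP 867 [TCP Retransmission] GET / HTTP/1.1
4.577303 192.168.2.14 -> 184.169.78.33 HTTP 425 GET /a/1350941601/t1/css/t1_core_logged_out.bundle.css HTTP/1.1
4.605371 199.59.150.39 -> 192.168.2.14 HTTP 279 HTTP/1.0 200 OK (text/html)
4.612847 184.169.78.33 -> 192.168.2.14 HTTP 615 HTTP/1.0 200 OK (text/html)
4.705784 199.59.150.39 -> 192.168.2.14 HTTP 417 HTTP/1.0 304 Not Modified
6 packets captured
EOF
}

sample_capture | summarise_http
```

A retransmitted request, or any status other than 200 and 304, is usually the line worth looking at first. On current tshark releases the single-pass display filter is given with '-Y' (with '-f' for the capture filter), and '-R' is only accepted together with '-2'.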

Customizing grub2 boot options in Fedora 18

In days of old, with Red Hat Linux, Fedora and CentOS, on servers I used to disable the default console display blanking screen-saver by putting the 'setterm -blank 0' command into the file '/etc/rc.local'. On recent versions of Fedora, you do not get a '/etc/rc.local' file; however, you can create one like this:
# vi /etc/rc.d/rc.local
# chmod a+x /etc/rc.d/rc.local
# ln -s /etc/rc.d/rc.local /etc
# ll /etc/rc.local
lrwxrwxrwx. 1 root root 18 Sep 24 15:44 /etc/rc.local -> /etc/rc.d/rc.local
#

But this no longer seems to be an appropriate way to run 'setterm -blank 0', as the command just seems to be ignored. I tried setting my '/etc/rc.local' file to this:
# cat /etc/rc.local
#!/bin/sh
/bin/date > /root/rc.local.start
/bin/sleep 5
/bin/setterm -blank 0
/bin/date > /root/rc.local.done

..just to prove the command was executing, and it was, but still the screen blanked after the timeout.

After much Googling, I found the answer was to use a kernel command line option of 'consoleblank=0'.

Now again in days of old, I would just edit '/etc/grub.conf' to set these kernel parameters, but now that recent versions of Fedora are using Grub2, things have changed. I found that you can specify the kernel parameters in the file '/etc/default/grub', using the 'GRUB_CMDLINE_LINUX_DEFAULT' option.

And while I was editing the grub file, I decided to change some other settings. I wanted to disable the graphical boot splash screen, and just have a basic 'text' screen to select which kernel to boot, so I added 'GRUB_TERMINAL=console'. I also removed the 'rhgb quiet' options, as I like to see all those boot messages scrolling up the screen.

# cd /etc/default/
# cp grub grub.orig
# vi grub
# diff -u grub.orig grub
--- grub.orig   2012-10-24 10:28:28.120869824 +0100
+++ grub        2012-10-24 10:52:40.940184853 +0100
@@ -1,6 +1,8 @@
-GRUB_TIMEOUT=5
+GRUB_TIMEOUT=10
 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
 GRUB_DEFAULT=saved
-GRUB_CMDLINE_LINUX="rd.md=0 rd.lvm=0 rd.dm=0 rd.luks=0 $([ -x /usr/sbin/rhcrashkernel-param ] && /usr/sbin/rhcrashkernel-param || :) rhgb quiet"
+GRUB_CMDLINE_LINUX="rd.md=0 rd.lvm=0 rd.dm=0 rd.luks=0 $([ -x /usr/sbin/rhcrashkernel-param ] && /usr/sbin/rhcrashkernel-param || :)"
+GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0"
 GRUB_DISABLE_RECOVERY="true"
 GRUB_THEME="/boot/grub2/themes/system/theme.txt"
+GRUB_TERMINAL=console
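Review bot: the GRUB_TIMEOUT change from 5 to 10 at the top of the hunk is not covered by the description, which explains only consoleblank=0, GRUB_TERMINAL=console and the removal of 'rhgb quiet'; either say why the longer menu timeout is wanted or leave it at 5. The GRUB_THEME line is kept as context while GRUB_TERMINAL=console is added below it; a theme is only drawn by the graphical terminal, so commenting that line out would make the intent of the file clearer.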
#
# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-3.6.2-2.fc18.x86_64
Found initrd image: /boot/initramfs-3.6.2-2.fc18.x86_64.img
Found linux image: /boot/vmlinuz-3.6.0-1.fc18.x86_64
Found initrd image: /boot/initramfs-3.6.0-1.fc18.x86_64.img
#

OK, so let's check that worked....
# grep $'\tlinux' /boot/grub2/grub.cfg
linux   /vmlinuz-3.6.2-2.fc18.x86_64 root=UUID=9d81334c-ed70-4cc8-9279-e82eb8cdef1e ro rd.md=0 rd.lvm=0 rd.dm=0 rd.luks=0  consoleblank=0
linux   /vmlinuz-3.6.0-1.fc18.x86_64 root=UUID=9d81334c-ed70-4cc8-9279-e82eb8cdef1e ro rd.md=0 rd.lvm=0 rd.dm=0 rd.luks=0  consoleblank=0

In the above, note how I get grep to match for the tab character.
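The grep above shows the kernel lines but leaves the comparison to the eye. The following added example (not from the original post) checks every kernel entry for a wanted argument and for arguments that should be gone, and fails if any entry is wrong. The function names check_kernel_args and sample_cfg are made up for illustration, the sample grub.cfg fragment is constructed with a placeholder UUID, and matching 'linux16' and 'linuxefi' as well as 'linux' is an assumption to cover other GRUB 2 builds.

```shell
#!/bin/sh
# Added example: audit the kernel lines of a grub.cfg.
# Usage: check_kernel_args CFG WANTED [UNWANTED...]
# Prints one line per bad entry; returns non-zero if any entry is bad
# or if no kernel entry was found at all.

check_kernel_args() {
    cfg=$1; want=$2; shift 2
    awk -v want="$want" -v unwanted="$*" '
    BEGIN { n = split(unwanted, bad, " ") }
    $1 ~ /^linux(16|efi)?$/ {             # leading tab is eaten by field splitting
        entries++
        found = 0; problem = ""
        for (i = 3; i <= NF; i++) {       # $2 is the kernel image, args start at $3
            if ($i == want) found = 1
            for (j = 1; j <= n; j++)
                if ($i == bad[j]) problem = problem " has:" bad[j]
        }
        if (!found) problem = problem " missing:" want
        if (problem != "") { printf "%s:%s\n", $2, problem; failed++ }
    }
    END { exit (entries == 0 || failed > 0) }
    ' "$cfg"
}

# Constructed sample: one regenerated entry and one stale entry.
sample_cfg() {
    printf 'menuentry "Fedora (3.6.2-2.fc18.x86_64)" {\n'
    printf '\tlinux\t/vmlinuz-3.6.2-2.fc18.x86_64 root=UUID=EXAMPLE ro rd.md=0 consoleblank=0\n'
    printf '}\nmenuentry "Fedora (3.6.0-1.fc18.x86_64)" {\n'
    printf '\tlinux\t/vmlinuz-3.6.0-1.fc18.x86_64 root=UUID=EXAMPLE ro rd.md=0 rhgb quiet\n'
    printf '}\n'
}

tmp=$(mktemp)
sample_cfg > "$tmp"
check_kernel_args "$tmp" consoleblank=0 rhgb quiet \
    || echo "grub.cfg does not match /etc/default/grub; re-run grub2-mkconfig"
rm -f "$tmp"
```

Against the real file the call would be check_kernel_args /boot/grub2/grub.cfg consoleblank=0 rhgb quiet, run after grub2-mkconfig.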

References:
http://lists.fedoraproject.org/pipermail/users/2012-March/415317.html
http://superuser.com/questions/152347/change-linux-console-screen-blanking-behavior
http://thangnguyennang.wordpress.com/2012/06/17/change-the-grub-menu-timeout-on-fedora-17-20-2/
http://ubuntuforums.org/showthread.php?t=1456104
http://www.dedoimedo.com/computers/grub-2.htm
http://fedoraproject.org/wiki/GRUB_2
http://www.redhat.com/archives/rhl-list/2004-May/msg07775.html
http://savannah.gnu.org/bugs/?23535
http://www.howtoarena.com/how-to-disable-linux-console-screen-blank-out-feature/