Wireshark 抓包实例分析 HTTP 问题(下)

优质

小牛编辑

115浏览

2023-12-01

介绍

本文承接上文。

更多信息

Client errors:

Code	Status	Explanation	What to do
400	Bad request	The request could not be understood by the server due to a syntax problem. The request should be modified by the client before resending to it.	Check the website address. This can also happen due to a site error.
401	Authorization required	The client is denied access due to the lack of authentication codes.	Check your username and password.
402	Payment required	Reserved for future use.
403	Forbidden	The client is not allowed to see a specific file. This can be due to the server access limit.	Check the credentials. Also, there are fewer chances that the server is loaded.
404	Not found	The requested resource could not be found.	This can be because the resource was deleted, or it never existed before. It can also be due to URL misspellings.
405	Method not allowed	The method you are using to access the file is not supported or not allowed by the resource.
406	Not acceptable	Content generated by the resource is not acceptable according to the client request.	Check/update your browser.
407	Proxy authentication required	Request authentication is required before it can be performed.	The client must first authenticate itself with the proxy.
408	Request timed out	It took the server longer than the allowed time to process the request.	Check response time and load on the network.
409	Conflict	The request submitted by the client cannot be completed because it conflicts with some established rules.	Can be because you try to upload a file that is older that the existing one or similar problems. Check what the client is trying to do.
410	Gone	The URL requested by the client is no longer available from that system.	Usually this is a server problem. It can be due to a file that was deleted or location was forwarded to a new location.
411	Content length required	The request is missing itsContent-Length header.	Compatibility issue on a website. Change/update your browser.
412	Precondition failed	The client has not set up a configuration that is required for the file to be delivered.	Compatibility issue on a website. Change/update your browser.
413	Request entity too long	The requested file was too big to process.	Server limitation.
414	Request URI too long	The address you entered was overly long for the server.	Server limitation.
415	Unsupported media type	The file type of the request is not supported.	Server limitation.

以下示例是一个简单的客户端报错。按照以下步骤进行操作：

右键有报错的报文。
选择Follow TCP stream，会看到以下窗口：

显示以下内容：
- 客户端尝试浏览URI/poker-client/broadcast.htm（如截屏中1和3所示）
- URI通过http://www.888poker.com/poker-client/promotions.htm转发（截屏中2所示）
- 状态码为404 Not Found（如截屏中4所示）
  Client errors:

Code	Status	Explanation	What to do
500	Internal server error	The web server encountered an unexpected condition that prevented it from carrying out the client request for access to the requested URL.	Response that is usually caused by a problem in your Perl code when a CGI program is run.
501	Not implemented	The request cannot be executed by the server.	A server problem.
502	Bad gateway	The server you're trying to reach is sending back errors.	A server problem.
503	Service unavailable	The service or file that is being requested is not currently available.	A server problem.
504	Gateway timeout	The gateway has timed out. This message is like the 408 timeout error, but this one occurs at the gateway of the server.	Server is down or nonresponsive.
505	HTTP version not supported	The HTTP protocol version that you want to use for communicating with the server is not supported by it.	Server does not support the HTTP version.

服务器不可用（错误代码503）可能有多种原因。以下示例是一个小办公室碰到的问题：员工能够访问Facebook，但当他们点击站点上的链接，则显示页面被拦截。以下截屏中，可看出页面被防火墙拦截：

工作原理:

标准的HTTP浏览模式如下：

TCP打开连接（三路握手信号）
HTTP发送GET命令
数据下载到浏览器
在一个网页打开多个连接的情况下（大多数网页都是如此）。每个连接需要一个DNS 查询，响应，TCP SYN-SYN/ACK-ACK，以及HTTP GET。之后数据才会出现在显示屏上。

当你在packet detail面板没有看到显示内容时，右键报文并选择Follow TCP stream，会看到连接的细节数据。另一个广泛应用的工具是Fiddler，Fiddler是HTTP故障排查的免费工具。