网络基本功(二十八):Wireshark抓包实例分析HTTP问题(下)

转载请在文首保留原文出处:EMC中文支持论坛https://community.emc.com/go/chinese image001.gif

介绍

本文承接上文。

更多信息

Client errors:

Code Status Explanation What to do
400 Bad request The request could not be understood by the server due to a syntax problem. The request should be modified by the client before resending to it. Check the website address. This can also happen due to a site error.
401 Authorization required The client is denied access due to the lack of authentication codes. Check your username and password.
402 Payment required Reserved for future use.
403 Forbidden The client is not allowed to see a specific file. This can be due to the server access limit. Check the credentials. Also, there are fewer chances that the server is loaded.
404 Not found The requested resource could not be found. This can be because the resource was deleted, or it never existed before. It can also be due to URL misspellings.
405 Method not allowed The method you are using to access the file is not supported or not allowed by the resource.
406 Not acceptable Content generated by the resource is not acceptable according to the client request. Check/update your browser.
407 Proxy authentication required Request authentication is required before it can be performed. The client must first authenticate itself with the proxy.
408 Request timed out It took the server longer than the allowed time to process the request. Check response time and load on the network.
409 Conflict The request submitted by the client cannot be completed because it conflicts with some established rules. Can be because you try to upload a file that is older that the existing one or similar problems. Check what the client is trying to do.
410 Gone The URL requested by the client is no longer available from that system. Usually this is a server problem. It can be due to a file that was deleted or location was forwarded to a new location.
411 Content length required The request is missing itsContent-Length header. Compatibility issue on a website. Change/update your browser.
412 Precondition failed The client has not set up a configuration that is required for the file to be delivered. Compatibility issue on a website. Change/update your browser.
413 Request entity too long The requested file was too big to process. Server limitation.
414 Request URI too long The address you entered was overly long for the server. Server limitation.
415 Unsupported media type The file type of the request is not supported. Server limitation.

以下示例是一个简单的客户端报错。按照以下步骤进行操作:

  1. 右键有报错的报文。

  2. 选择Follow TCP stream,会看到以下窗口:

    image002.jpg

  3. 显示以下内容:

Client errors:

Code Status Explanation What to do
500 Internal server error The web server encountered an unexpected condition that prevented it from carrying out the client request for access to the requested URL. Response that is usually caused by a problem in your Perl code when a CGI program is run.
501 Not implemented The request cannot be executed by the server. A server problem.
502 Bad gateway The server you're trying to reach is sending back errors. A server problem.
503 Service unavailable The service or file that is being requested is not currently available. A server problem.
504 Gateway timeout The gateway has timed out. This message is like the 408 timeout error, but this one occurs at the gateway of the server. Server is down or nonresponsive.
505 HTTP version not supported The HTTP protocol version that you want to use for communicating with the server is not supported by it. Server does not support the HTTP version.

服务器不可用(错误代码503)可能有多种原因。以下示例是一个小办公室碰到的问题:员工能够访问Facebook,但当他们点击站点上的链接,则显示页面被拦截。以下截屏中,可看出页面被防火墙拦截:

image003.jpg

工作原理:

标准的HTTP浏览模式如下:

  1. TCP打开连接(三路握手信号)
  2. HTTP发送GET命令
  3. 数据下载到浏览器

在一个网页打开多个连接的情况下(大多数网页都是如此)。每个连接需要一个DNS 查询,响应,TCP SYN-SYN/ACK-ACK,以及HTTP GET。之后数据才会出现在显示屏上。

当你在packet detail面板没有看到显示内容时,右键报文并选择Follow TCP stream,会看到连接的细节数据。另一个广泛应用的工具是Fiddler,Fiddler是HTTP故障排查的免费工具。

参考

Network Analysis Using Wireshark Cookbook