1 views collected around this technical thread.
This guide introduces the kubectl sniff plugin for Kubernetes, explains its non‑privileged and privileged modes, walks through installation via krew or offline, and provides step‑by‑step commands to capture pod traffic with tcpdump and view it in Wireshark, enhancing network debugging efficiency.
netcap is an open‑source eBPF‑driven kernel network packet capture tool that extends tcpdump syntax to trace skb‑related functions across the Linux network stack, offering detailed packet tracing, customizable filters, multi‑trace aggregation, and user‑defined output to improve debugging of packet loss and performance issues.
This article walks through a production‑level OceanBase connection‑timeout incident, detailing how to examine OBProxy logs, capture and analyze network packets with tcpdump and Wireshark, identify a blocked random port, and apply kernel‑parameter fixes to prevent the issue.
Netcap, an open‑source eBPF‑based kernel network capture tool from ByteDance STE, lets developers trace packets across the entire Linux network stack, filter with tcpdump syntax, and extend functionality with custom filters, dramatically improving the efficiency of diagnosing kernel packet loss problems.
The investigation used Wireshark captures to uncover that a new app version sent oversized TCP segments—due to altered MSS and path‑MTU mismatch—causing unacknowledged retransmissions, which were diagnosed with ping‑do‑not‑fragment tests and resolved by trimming the request parameters and confirming via TLS key logging.
Wireshark, the open‑source network protocol analyzer, lets users capture traffic and then refine what they see using two distinct filter types—display filters applied after capture and capture filters applied during capture—each with its own syntax, common examples (IP, port, protocol) and advanced expressions to isolate relevant packets.
This article explains Calico's IPIP networking mode in Kubernetes, covering its architecture, core components, routing behavior, command‑line examples, and packet‑capture analysis to illustrate how pods communicate across nodes.
This article introduces AndroidMonitor, a lightweight Android packet‑capture library, explains how to add its monitor and monitor‑plugin dependencies, configure ProGuard, customize entry names, ports and logos, and optionally use AndroidLocalService to expose captured data via a local socket for both mobile and PC UI visualization.
After moving an application to a PaaS platform, intermittent 502 errors appear mainly on POST requests; the article analyzes Nginx retry behavior, Ingress‑uwsgi protocol mismatches, packet‑capture findings, and provides a configuration fix to resolve the issue.
This article presents a comprehensive learning roadmap for computer networking, offering curated books, video courses, hands‑on practice tools, and study plans tailored for beginners, non‑CS majors, and experienced developers seeking to strengthen their networking fundamentals for job interviews.
This article describes the background, functional requirements, architecture, packet‑capture implementation using libpcap, MySQL protocol parsing, result processing, and storage strategy (Kafka + ClickHouse) of a custom MySQL sniffer developed at Qunar to provide complete database access logs for auditing, performance analysis, and operations.
This guide explains how to use tcpdump for capturing and filtering network packets, covering basic and advanced command options, logical filters, saving captures, and a real‑world troubleshooting scenario involving a Node.js server behind Nginx.
This article explains the internal mechanisms of tcpdump, showing how it registers a virtual protocol in the kernel's ptype_all list to intercept packets during both receive and transmit paths, how netfilter interacts with these paths, and provides guidance for building a custom packet‑capture program.
This article explains Wireshark display filters, covering the dialog and text‑expression methods, and provides common filter examples for protocols, IP addresses, ports, packet size, comparison and logical operators, with code snippets for each case.
This tutorial walks through a complete Android app packet‑capture workflow—installing a Wi‑Fi‑proxy‑compatible emulator, deploying the app via UI or ADB, configuring Charles or Fiddler as a debugging proxy, handling HTTPS certificates for Android 7+, and capturing traffic for functional, security, or development testing.
This guide explains how to install tcpdump, use various options such as -nn, port filters, -c, and -w to capture and save network packets, and introduces tshark commands for detailed HTTP traffic analysis on Linux systems.
This article documents an experiment using three virtual machines running MySQL 5.7.20 MGR to capture and analyze network traffic with a custom Wireshark dissector, revealing how the primary node updates views, removes a failed node, and re‑establishes cluster state after a crash.
This article demonstrates how to capture and analyze MySQL traffic on both unencrypted MySQL 5.7 and TLS‑encrypted MySQL 8.0 using tcpdump and Wireshark, explains the differences in packet contents, and walks through the TLS handshake process in detail.
QTC, iQIYI’s extended ATC tool combining a dual‑NIC workstation, wireless hotspot and Python‑based software, dynamically simulates static and changing network conditions while providing low‑interference automated packet capture, enabling rapid mobile video app testing across diverse scenarios and uncovering numerous bugs.
Learn how to effectively use tcpdump for network packet capture, understand its syntax and expression filters, explore common parameters, and see practical examples of analyzing MySQL traffic and packet details, empowering you to troubleshoot network issues and perform deep packet analysis.