How do I monitor all incoming http requests

Question

I need to monitor my application from incoming http POST and GET requests originating from outside and sometimes inside the machine    Is this possible   Been using fiddler but this only does outgoing not incoming  from outside the machine  or have I configured it incorrectly   This is for my web app that is meant to be receiving a POST from an external server

User · Answer

I would install Microsoft Network Monitor  configure the tool so it would only see HTTP packets  filter the port  and start capturing packets   You could download it here

User · Answer

Configure Fiddler as a  reverse proxy  on Windows   for Mac  see the link in Partizano s comment below   I know there s already an answer suggesting this  however I want to provide the explanation and instructions for this that Telerik should have provided  and also cover some of the  gotchas   so here goes   What does it mean to configure Fiddler as a  reverse proxy     By default  Fiddler only monitors outgoing requests from the machine on which you re running Fiddler To monitor incoming requests  you need to configure Fiddler to work as a  reverse proxy  What this means is that you need to set Fiddler up as a  proxy  that will intercept incoming http requests that are sent to a specific port  8888  on the machine where you want to listen to the incoming requests  Fiddler will then forward those requests to the web server on the same machine by sending them to the usual port for http requests  usually port 80 or 443 for https   It s actually very quick and easy to do  The standard way to set this up with Fiddler is to get Fiddler to intercept all request sent to Port  8888   since this won t normally be used by anything else  although you could just as easily use another port  You then need to use the registry editor to get Fiddler to forward any http requests that Fiddler receives on port 8888  so that they re forwarded to the standard http port  port 80  port 443 for an https request  or another custom port that your web server is set to listen on    NOTE  For this to work  any request you want to intercept must be sent to port 8888  You do this by appending  8888 to your hostname  for example like this for an MVC route   http   myhostname 8888 controller action    Walkthrough  Ensure Fiddler can accept remote http requests on port 8888   Run Fiddler as administrator Go to Tools   Fiddler Options   Connections  and ensure that  Allow remote computers to connect  is checked  and  Fiddler listens on port  is set to 8888     Configure Fiddler to forward requests received on port 8888 to port 80   Close Fiddler Start REGEDIT Create a new DWORD named ReverseProxyForPort inside HKEY CURRENT USER SOFTWARE Microsoft Fiddler2    Now set the DWORD value to the local port you d like to re-route inbound traffic to  generally port 80 for a standard HTTP server   To do this  right-click the DWORD you created and select  Modify   Ensure  Base  is set to  Decimal  and enter  80   or another port  as the  Value data     Ensure that port 8888 is opened on the firewall   You must ensure that port 8888 is open to external requests  it won t be by default if your server is firewall-protected    That s it  Fiddler should now be set up as a reverse proxy  to intercept all requests from port 8888  so that you can view them in Fiddler   and it will then forward them to your web server to actually be handled   Test a request   Restart Fiddler To test that Fiddler is intercepting external requests  open a browser on the same machine where you ve set up Fiddler as a reverse proxy  Navigate your browser to http   127 0 0 1 8888 This tests making a basic request to to port 8888 You should see the request intercepted by Fiddler Now you can test a request from another machine  for example by making a request from a browser on another machine like this  where  remoteHostname  is a hostname on the machine where you ve set up Fiddler as a reverse proxy      http   remoteHostname 8888 controller action   Alternatively  you can compose a request by using another instance of Fiddler on a remote machine  using a URL similar to the one above  This will allow you to make either a GET or a POST request    IMPORTANT  Once you ve finished viewing your request s   go back to Tools   Fiddler Options   Connections and remove the  Allow remote computers to connect  option  otherwise 3rd parties will be able to bounce traffic through your server

User · Answer

Using Wireshark    I have not tried this  http   wiki wireshark org CaptureSetup Loopback  If that works  you could then filter for http http contains GET http contains POST traffic   You might have to run two Wireshark instances  one capturing local  and one capturing remote  I m not sure

User · Answer

Microsoft Message Analyzer is the successor of the Microsoft Network Monitor 3 4  If your http incoming traffic is going to your web server at 58000 port  start the Analyzer in Administrator mode and click new session   use filter  tcp Port   58000 and HTTP  trace scenario   Local Network Interfaces  Win 8 and earlier   or  Local Network Interfaces  Win 8 1 and later   depends on your OS  Parsing Level  Full

User · Answer

What you need to do is configure Fiddler to work as a  reverse proxy   There are instructions on 2 different ways you can do this on Fiddler s website   Here is a copy of the steps     Step  0  Before either of the following options will work  you must enable other computers to connect to Fiddler  To do so  click Tools   Fiddler Options   Connections and tick the  Allow remote computers to connect  checkbox  Then close Fiddler   Option  1  Configure Fiddler as a Reverse-Proxy  Fiddler can be configured so that any traffic sent to http   127 0 0 1 8888 is automatically sent to a different port on the same machine   To set this configuration    Start REGEDIT Create a new DWORD named ReverseProxyForPort inside HKCU SOFTWARE Microsoft Fiddler2  Set the DWORD to the local port you d like to re-route inbound traffic to  generally port 80 for a standard HTTP server  Restart Fiddler Navigate your browser to http   127 0 0 1 8888   Option  2  Write a FiddlerScript rule  Alternatively  you can write a rule that does the same thing     Say you re running a website on port 80 of a machine named WEBSERVER   You re connecting to the website using Internet Explorer Mobile Edition on a Windows SmartPhone device for which you cannot configure the web proxy   You want to capture the traffic from the phone and the server s response    Start Fiddler on the WEBSERVER machine  running on the default port of 8888  Click Tools   Fiddler Options  and ensure the  Allow remote clients to connect  checkbox is checked   Restart if needed  Choose Rules   Customize Rules  Inside the OnBeforeRequest handler  add a new line of code  if  oSession host toLowerCase       webserver 8888   oSession host    webserver 80   On the SmartPhone  navigate to http   webserver 8888   Requests from the SmartPhone will appear in Fiddler   The requests are forwarded from port 8888 to port 80 where the webserver is running   The responses are sent back through Fiddler to the SmartPhone  which has no idea that the content originally came from port 80

User · Answer

You can also try the HTTP Debugger  it has the built-in ability to display incoming HTTP requests and does not require any changes to the system configuration

User · Answer

Use TcpView to see ports listening and connections  This will not give you the requests though   In order to see requests  you need reverse of a proxy which I do not know of any such tools   Use tracing to give you parts of the requests  first 1KB of the request

User · Answer

Guys found the perfect way to monitor ALL traffic that is flowing locally between requests from my machine to my machine   Install Wireshark  When you need to capture traffic that is flowing from a localhost to a localhost then you will struggle to use wireshark as this only monitors incoming traffic on the network card  The way to do this is to add a route to windows that will force all traffic through a gateway and this be captured on the network interface  To do this  add a route with  lt ip address gt   lt gateway gt     cmd gt  route add 192 168 20 30 192 168 20 1   Then run a capture on wireshark  make sure you select the interface that has bytes flowing through it  Then filter    The newly added routes will come up in black   as they are local addresses

User · Answer

You might consider running Fiddler as a reverse proxy  you should be able to get clients to connect to Fiddler s address and then forward the requests from Fiddler to your application    This will require either a bit of port manipulation or client config  depending on what s easier based on your requirements   Details of how to do it are here  http   www fiddler2 com Fiddler Help ReverseProxy asp

[asp.net] How do I monitor all incoming http requests?

Examples related to asp.net

Examples related to http

Examples related to fiddler

Examples related to wireshark