网络工程 - 空白的 Wireshark GeoIP 地图 - 吾爱随笔录

空白的 Wireshark GeoIP 地图

网络工程线鲨

2021-07-28 12:58:23

当我pcapng在我的 linux 笔记本电脑（Debian Wheezy）上诊断一个文件时，我想找出数据包的来源，所以我遵循了构建 GeoIP 地图的标准程序......

设置

将所有 IPv4 GeoIP 文件下载到专用目录 ( /home/mpenning/geoip)
提取.gz文件gzip -dc filename.dat.gz > filename.dat
将wireshark指向GeoIP文件...编辑>首选项>名称解析>GeoIP数据库目录>新建
重新启动 Wireshark，并打开我的 pcap
统计 > 端点 > IPv4 > 地图

问题

我可以在ipmap.html文件中看到 GeoIP 数据点；但是，当我在浏览器中打开该文件时，它是空白的。如何让wireshark正确显示GeoIP地图？

细节

Debian Wheezy (x86)

从wireshark --version...输出

mpenning@Mudslide:~/geoip$wireshark --version

线鲨 1.8.2

版权所有 1998-2012 Gerald Combs 和贡献者。
这是免费软件；请参阅复制条件的来源。没有
保修单; 甚至不是为了特定目的的适销性或适合性。

使用 GTK+ 2.24.10、Cairo 1.12.2、Pango 1.30.0 编译（32 位），使用
GLib 2.32.4，带有 libpcap，带有 libz 1.2.7，带有 POSIX 功能（Linux），
使用 SMI 0.4.8，使用 c-ares 1.9.1，使用 Lua 5.1，不使用 Python，使用 GnuTLS
2.12.20，使用 Gcrypt 1.5.0，使用 MIT Kerberos，使用 GeoIP，使用 PortAudio
V19-devel（建于 2011 年 12 月 7 日 23:44:47），带有 AirPcap。

在 Linux 3.2.0-4-686-pae 上运行，使用语言环境 en_US.UTF-8，使用 libpcap 版本
1.3.0，带 libz 1.2.7，GnuTLS 2.12.20，Gcrypt 1.5.0，不带 AirPcap。

使用 gcc 4.7.2 构建。
mpenning@Mudslide:~/geoip$

文件： `ipmap.html`

<?xml version="1.0" encoding="UTF-8"?>
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <title>Wireshark: IP Location Map</title>
    <style type="text/css">
    body {
      font-family: Arial, Helvetica, sans-serif; font-size: 13px;
      line-height: 17px;
    }
    </style>
    <script type="text/javascript" src="http://openlayers.org/api/OpenLayers.js"></script>
    <script type="text/javascript" src="http://openstreetmap.org/openlayers/OpenStreetMap.js"></script>

    <script type="text/javascript">
        <!--
        var map, layer;
        var selectControl, selectedFeature;

        function onPopupClose(event) {
            selectControl.unselect(this.feature);
        }

        function EndpointSelected(event) {
            var feature = event.feature;
            popup = new OpenLayers.Popup.FramedCloud("endpoint",
                feature.geometry.getBounds().getCenterLonLat(),
                new OpenLayers.Size(25,25),
                "<h3>"+ feature.attributes.title + "</h3>" +
                feature.attributes.description,
                null, true, onPopupClose);
            feature.popup = popup;
            popup.feature = feature;
            map.addPopup(popup);
        }

        function EndpointUnselected(event) {
            var feature = event.feature;
            if (feature.popup) {
                popup.feature = null;
                map.removePopup(feature.popup);
                feature.popup.destroy();
                feature.popup = null;
            }
        }

        function init() {
            var endpoints = {
                "type": "FeatureCollection",
                "features": [ // Start endpoint list - MUST match hostlist_table.c
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-121.870499, 37.440399] },
  'properties': { 'title': '24.6.173.220', 'description': 'AS: AS7922 Comcast Cable Communications, Inc.<br/>Country: United States<br/>City: Milpitas, CA<br/>Packets: 2376<br/>Bytes: 1744436' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-121.894997, 37.339401] },
  'properties': { 'title': '68.87.76.182', 'description': 'AS: AS7922 Comcast Cable Communications, Inc.<br/>Country: United States<br/>City: San Jose, CA<br/>Packets: 244<br/>Bytes: 26329' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-118.298698, 33.786598] },
  'properties': { 'title': '199.181.132.250', 'description': 'AS: AS8137 Disney Online<br/>Country: United States<br/>City: Burbank, CA<br/>Packets: 10<br/>Bytes: 1374' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-118.298698, 33.786598] },
  'properties': { 'title': '198.105.194.105', 'description': 'AS: AS8137 Disney Online<br/>Country: United States<br/>City: Burbank, CA<br/>Packets: 85<br/>Bytes: 69473' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-71.084297, 42.362598] },
  'properties': { 'title': '69.22.148.82', 'description': 'AS: AS4436 nLayer Communications, Inc.<br/>Country: United States<br/>City: Cambridge, MA<br/>Packets: 494<br/>Bytes: 434075' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-97.000000, 38.000000] },
  'properties': { 'title': '24.143.203.16', 'description': 'AS: AS7843 Time Warner Cable Internet LLC<br/>Country: United States<br/>City: -<br/>Packets: 89<br/>Bytes: 62863' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-104.873802, 39.623699] },
  'properties': { 'title': '204.2.164.118', 'description': 'AS: AS2914 NTT America, Inc.<br/>Country: United States<br/>City: Englewood, CO<br/>Packets: 98<br/>Bytes: 71411' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-118.298698, 33.786598] },
  'properties': { 'title': '68.71.208.113', 'description': 'AS: AS8137 Disney Online<br/>Country: United States<br/>City: Burbank, CA<br/>Packets: 10<br/>Bytes: 1894' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-97.000000, 38.000000] },
  'properties': { 'title': '24.143.203.18', 'description': 'AS: AS7843 Time Warner Cable Internet LLC<br/>Country: United States<br/>City: -<br/>Packets: 92<br/>Bytes: 82142' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-71.084297, 42.362598] },
  'properties': { 'title': '205.234.225.88', 'description': 'AS: AS4436 nLayer Communications, Inc.<br/>Country: United States<br/>City: Cambridge, MA<br/>Packets: 13<br/>Bytes: 2572' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-118.298698, 33.786598] },
  'properties': { 'title': '68.71.220.175', 'description': 'AS: AS8137 Disney Online<br/>Country: United States<br/>City: Burbank, CA<br/>Packets: 10<br/>Bytes: 2402' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-104.873802, 39.623699] },
  'properties': { 'title': '204.2.164.104', 'description': 'AS: AS2914 NTT America, Inc.<br/>Country: United States<br/>City: Englewood, CO<br/>Packets: 124<br/>Bytes: 101358' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-98.398697, 29.488899] },
  'properties': { 'title': '72.32.153.176', 'description': 'AS: AS33070 Rackspace Hosting<br/>Country: United States<br/>City: San Antonio, TX<br/>Packets: 39<br/>Bytes: 26300' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-71.084297, 42.362598] },
  'properties': { 'title': '69.22.148.33', 'description': 'AS: AS4436 nLayer Communications, Inc.<br/>Country: United States<br/>City: Cambridge, MA<br/>Packets: 114<br/>Bytes: 100615' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-71.084297, 42.362598] },
  'properties': { 'title': '69.22.148.42', 'description': 'AS: AS4436 nLayer Communications, Inc.<br/>Country: United States<br/>City: Cambridge, MA<br/>Packets: 23<br/>Bytes: 15818' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-122.094597, 37.304199] },
  'properties': { 'title': '143.127.102.125', 'description': 'AS: AS16733 Symantec Corporation<br/>Country: United States<br/>City: Cupertino, CA<br/>Packets: 10<br/>Bytes: 1229' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-88.054001, 42.053398] },
  'properties': { 'title': '138.108.29.10', 'description': 'AS: AS16477 ACNIELSEN<br/>Country: United States<br/>City: Schaumburg, IL<br/>Packets: 10<br/>Bytes: 1520' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-111.961800, 40.324501] },
  'properties': { 'title': '66.235.133.11', 'description': 'AS: AS15224 Adobe Systems Inc.<br/>Country: United States<br/>City: Lehi, UT<br/>Packets: 9<br/>Bytes: 3410' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-77.487503, 39.043701] },
  'properties': { 'title': '184.73.230.118', 'description': 'AS: AS14618 Amazon.com, Inc.<br/>Country: United States<br/>City: Ashburn, VA<br/>Packets: 10<br/>Bytes: 1384' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-97.000000, 38.000000] },
  'properties': { 'title': '24.143.203.42', 'description': 'AS: AS7843 Time Warner Cable Internet LLC<br/>Country: United States<br/>City: -<br/>Packets: 10<br/>Bytes: 1650' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-104.873802, 39.623699] },
  'properties': { 'title': '204.2.164.8', 'description': 'AS: AS2914 NTT America, Inc.<br/>Country: United States<br/>City: Englewood, CO<br/>Packets: 47<br/>Bytes: 35518' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-118.298698, 33.786598] },
  'properties': { 'title': '68.71.208.178', 'description': 'AS: AS8137 Disney Online<br/>Country: United States<br/>City: Burbank, CA<br/>Packets: 16<br/>Bytes: 9332' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-98.398697, 29.488899] },
  'properties': { 'title': '72.32.153.177', 'description': 'AS: AS33070 Rackspace Hosting<br/>Country: United States<br/>City: San Antonio, TX<br/>Packets: 16<br/>Bytes: 2476' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-122.419403, 37.774899] },
  'properties': { 'title': '63.233.61.22', 'description': 'AS: AS20940 Akamai International B.V.<br/>Country: United States<br/>City: San Francisco, CA<br/>Packets: 766<br/>Bytes: 678473' }
},
{
  'type': 'Feature', 'geometry': { 'type': 'Point', 'coordinates': [-118.298698, 33.786598] },
  'properties': { 'title': '68.71.209.230', 'description': 'AS: AS8137 Disney Online<br/>Country: United States<br/>City: Burbank, CA<br/>Packets: 37<br/>Bytes: 10818' }
},
                ]
            };
            map = new OpenLayers.Map('map', {
                controls: [
                    new OpenLayers.Control.PanZoomBar(),
                    new OpenLayers.Control.ZoomBox(),
                    new OpenLayers.Control.ScaleLine(),
                    new OpenLayers.Control.MousePosition(),
                    new OpenLayers.Control.MouseDefaults(),
                    new OpenLayers.Control.Attribution()
                    ],
                //projection: new OpenLayers.Projection("EPSG:900913"),
                //displayProjection: new OpenLayers.Projection("EPSG:4326"),
                //maxExtent: new OpenLayers.Bounds(-20037508.34,-20037508.34, 20037508.34, 20037508.34),
                //numZoomLevels: 18,
                //maxResolution: 156543,
                //units: "m"
            });
            layer = new OpenLayers.Layer.WMS("OpenLayers WMS",
                    "http://vmap0.tiles.osgeo.org/wms/vmap0",
                    {layers: 'basic'} );
            map.addLayer(layer);
            //map.addLayer(new OpenLayers.Layer.OSM.Mapnik("Mapnik"));
            //map.addLayer(new OpenLayers.Layer.Text("IP Locations", {
            //    location: map_file, projection: new OpenLayers.Projection("EPSG:4326")} ) );
            //
            //map.setCenter(new OpenLayers.LonLat(lon, lat), zoom);

            var geojson_format = new OpenLayers.Format.GeoJSON();
            var vector_layer = new OpenLayers.Layer.Vector("IP Endpoints");
            map.addLayer(vector_layer);
            vector_layer.addFeatures(geojson_format.read(endpoints));

            if (endpoints.features.length < 1) {
                document.getElementById("statusmsg").innerHTML = "No endpoints to map";
            } else {
                map.zoomToExtent(vector_layer.getDataExtent());
            }

            selectControl = new OpenLayers.Control.SelectFeature(vector_layer);
            map.addControl(selectControl);
            selectControl.activate();

            vector_layer.events.on({
                'featureselected': EndpointSelected,
                'featureunselected': EndpointUnselected
            });
        }
        // -->
    </script>
  </head>
  <body onload="init()">
    <div id="statusmsg" style="float: right; z-index: 9999;"></div>
    <div id="map" style="z-index: 0;"></div>
  </body>
</html>

1个回答

事实证明，我遇到了Wireshark 错误 5016 ......根据错误附件中的代码差异，我通过对ipmap.html......的内容进行一些细微更改来显示地图。

前后的unix差异看起来像这样....../tmp/ipmap.html是工作副本......

mpenning@Mudslide:~$ diff ipmap.orig.html /tmp/ipmap.html 
158c158
<                     new OpenLayers.Control.MouseDefaults(),
---
>                     new OpenLayers.Control.Navigation(),
160c160
<                     ],
---
>                     ]
mpenning@Mudslide:~$

只需更改OpenLayers.Control.MouseDefaults()为OpenLayers.Control.Navigation()，然后删除包含我们更改的值的括号后的尾随逗号。现在我有一个工作地图...

Wireshark GeoIP 地图

工作 html 文件的摘录...

       map = new OpenLayers.Map('map', {
            controls: [
                new OpenLayers.Control.PanZoomBar(),
                new OpenLayers.Control.ZoomBox(),
                new OpenLayers.Control.ScaleLine(),
                new OpenLayers.Control.MousePosition(),
                new OpenLayers.Control.Navigation(),
                new OpenLayers.Control.Attribution()
                ]
            //projection: new OpenLayers.Projection("EPSG:900913"),

其它你可能感兴趣的问题

上一篇运行 Comware 7 的 HP 6125 XLG 交换机上的 QoS 下一篇小型企业 SIP 故障转移到多个 ISP

空白的 Wireshark GeoIP 地图

设置

问题

细节

文件： ipmap.html

工作 html 文件的摘录...

文件： `ipmap.html`