The project I am working on needs to use wireshark to capture the test packets of the local loop. It turns out that I can't capture the tcp packets of 127.0.0.1. No matter how I look at it, there are no packets of 127.0.0.1. After working for a long time, I found that if It is the tcp client that communicates with other IPs and wireshark can be intercepted normally.
Not reconciled, I searched the Internet for the method of using wireshark to capture packets on the local loop. Only then did I know that it turned out that there is no local loop interface under Windows TCP/IP, so it cannot be obtained with the commonly used Windows packet capture drivers, such as winpcap, and wireshark is It is based on winpcap, so it must not be able to capture packets. Wireshark under linux should be able to see an interface named "loopback interface".
Of course, it does not mean that under Windows, you should not try to capture the local loop package. There must be other methods. It seems that commview can capture the local loop package on the Internet. There is also a green, small (17K) open source software RawCap. Capture (download address: http://www.netresec.com/?page=RawCap ). Save the captured packet as a pcap suffix, open it with wireshark, and you can continue the analysis.
Other methods are more troublesome, and it is too troublesome to change the IP, routing, etc.