本文闡述了一種不使用任何工具就可網(wǎng)絡抓包的方法。相比Charles，各有優(yōu)點吧。音視頻和文件傳輸?shù)陌嗫刹东@到（Wireshark查看）。

iOS 5 added a remote virtual interface (RVI) facility that lets you use OS X packet trace programs to capture traces from an iOS device. The basic strategy is:

本人實測，iOS9，iOS10上可行。

$ ifconfig -l

查看當前端口號。

lo0 gif0 stf0 en0 en1 en2 p2p0 awdl0 bridge0 utun0

$ rvictl -s 74bd53c647548234ddcef0ee3abee616005051ed

添加你的設備的端口

Starting device 74bd53c647548234ddcef0ee3abee616005051ed [SUCCEEDED] with interface rvi0

再次執(zhí)行? $ ifconfig -l 可以看到 添加成功了

lo0 gif0 stf0 en0 en1 en2 p2p0 awdl0 bridge0 utun0 rvi0

$ sudo tcpdump -i rvi0 -w 00.pacp

輸入密碼后，執(zhí)行此命令。開始監(jiān)聽端口網(wǎng)絡。

tcpdump: WARNING: rvi0: That device doesn't support promiscuous mode

(BIOCPROMISC: Operation not supported on socket)

tcpdump: listening on rvi0, link-type PKTAP (Apple DLT_PKTAP), capture size 262144 bytes

停止抓吧， 先使用control + C，結(jié)束當前編輯行模式。在執(zhí)行如下命令

$ rvictl -x 74bd53c647548234ddcef0ee3abee616005051ed

Stopping device 74bd53c647548234ddcef0ee3abee616005051ed [SUCCEEDED]

Important: The RVI represents the entire networking stack of the iOS device; there's no way to trace a specific interface on the device, or even learn which packets were transferred on which interface.