Hi, I have a trace file in which there are many HTTP requests and responses. All these requests and responses are in the same TCP connection. Of these different requests and responses I want to filter out a specific set of requests which has the string advert in the HTTP request. This can be done using http.request.uri.contains filter, but I want to visualize the entire TCP conversation only for these requests. Since it is the same stream as all other requests tcp stream filter doesn't do the job here. Is there another way to get this done? Thanks, much appreciated! /venky asked 04 Jul '14, 04:56  venky |
One Answer:
Thanks for the answer. I came up with a different fix for the problem. I am just using packet numbers to create a filtered stream together with other filters which will filter the conversation between the host and the server. Of course the first few TCP segments from the client to server will contain acks for previous responses. Just looking at the sequence number of the request I can remove the unnecessary packets and voila... answered 07 Jul '14, 00:23 venky |
Are you looking for a way to extract requests together with their responses?
Yes, exactly, with the entire response stream for the requests which match.
Duplicate of https://ask.wireshark.org/questions/30972/filter-the-response-to-a-matched-http-request