Ask Your Question
0

why protocol is not showing as HTTP even though we sent http request ?

asked 2017-11-03 10:36:19 +0000

this post is marked as community wiki

This post is a wiki. Anyone with karma >750 is welcome to improve it.

why protocol is not showing as HTTP eventhough we sent http request ?

This is my scenario : We are sending the HTTP traffic via proxy and capturing the traffic in proxy device. For some reasons, the protocol is showing as TCP for HTTP request and response , eventhough we send the valid http request via curl. After disabling the allow subdissector to reassemble TCP streams in Edit-> Preferences -> TCP protocol , then the HTTP protocol is displaying properly. But in this scenario, we are not able to export HTTP objects , since it is coming it as multiple segments/chunked .

The main requirement is to export HTTP objects with enabling the "allow subdissector to reassemble TCP streams" option and protocol should display as HTTP protocol.

Any pointers are appreciated .

Thanks,

edit retag flag offensive close merge delete

Comments

Wireshark version?

Jaap gravatar imageJaap ( 2017-11-03 10:47:00 +0000 )edit

Seen in wireshark 2.4.0/1/2

Kumaran Shanmugam gravatar imageKumaran Shanmugam ( 2017-11-03 11:02:54 +0000 )edit

If you need an info on pcap, then I can share the pcap file

Kumaran Shanmugam gravatar imageKumaran Shanmugam ( 2017-11-03 11:03:35 +0000 )edit

Yes, a PCAP file would be useful. Actually, given the description, I'd suggest simply opening a bug report at https://bugs.wireshark.org

JeffMorriss gravatar imageJeffMorriss ( 2017-11-03 13:19:52 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-06-30 01:56:45 +0000

AndyW gravatar image

Sometimes the proxy servers are configured to use a different port number than port 80, or the other usual ports, for HTTP/HTTPS traffic. If you look at Edit> Preferences> Protocols> HTTP - you will see that by default Wireshark looks for these ports: 80,3128,3132,5985,8080,8088,11371,1900,2869,2710

If your proxy server uses a different port, simply add it to the list, or create a profile that has that port configured. Let us know if that works....

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-11-03 10:36:19 +0000

Seen: 5,679 times

Last updated: Jul 01 '18