WLAN Capture only decrypting MDNS, ARP, etc.

I am playing with Wireshark. I am trying to view an HTTP request to http://example.com/?q=foobar that I made from a device on my Wi-Fi network.

I inputted my SSID and WPA password to the 802.11 decryption dialog, and then I turned Wi-Fi off and on on my device so that I could capture an EAPOL packet and thus decrypt my session. Then, I navigated to http://example.com/?q=foobar.

When I use wlan.addr == AB:CD:EF:12:34:56 (my device's MAC address) as a display filter, I see a lot of packets with Protocol 802.11 and a relatively small number with ICMPv6, DHCP, ARP, MDNS, IGMPv2, and others. However, that's it. I do not see any TCP packets, let alone HTTP packets. http and tcp as display filters both return no results.

I know that I am getting the traffic from the correct device, as I see the device name buried in some of the MDNS packets.

Can someone help me find the missing HTTP packets?