Wireshark · Wireshark-users: Re: [Wireshark-users] How does wireshark know which is the http response for a given request?

Wireshark-users: Re: [Wireshark-users] How does wireshark know which is the http response for a g

From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>

Date: Thu, 13 Nov 2014 20:35:34 -0500

On 11/13/2014 02:08 AM, Mohamed Lrhazi wrote:

Don't really have much more to add to the subject line :)

It appears the HTTP dissector simply marks the next non-request messageas being the response to the previous request. That is, is there's arequest followed by a non-request message in the other direction thenthat message is the response to the request.

I'd guess this works because HTTP is a request-response protocol (i.e.,you can't make multiple requests on a given TCP connection withoutwaiting for a response). (Admittedly I don't know much about HTTP.)

References:
- [Wireshark-users] How does wireshark know which is the http response for a given request?
  - From: Mohamed Lrhazi

Prev by Date: [Wireshark-users] How does wireshark know which is the http response for a given request?
Next by Date: [Wireshark-users] Extracting SSL Certs using Tshark
Previous by thread: [Wireshark-users] How does wireshark know which is the http response for a given request?
Next by thread: [Wireshark-users] Extracting SSL Certs using Tshark
Index(es):
- Date
- Thread