HTTP parsing
Http--packet Counter http Total statistics Http.request.method = = "Get" http GET request Http.response==1 HTTP All response packet http.response==1 &am p;& http.response.code==200 Response Request Successful package http.response==1 && http.response.code==201 201 created prompt to know the URL of the new file, Successfully requested and created a new resource http.response==1 && http.response.code==304 client has been cached without the response body http.response==1 && The http.response.code==302 client continues to use the original Urihttp.request.method==post http.host==magentonotes.comhttp.host contains magentonotes.com//Filter HTTP packets that pass the specified domain name, where the host value is not necessarily the domain name in the request http.response.code==302//Filtering the HTTP response Status Code 302 packet Http.response ==1//Filter all HTTP response packets Http.request==1//filter all HTTP requests, seemingly can also use http.requesthttp.request.method== Post filters All requests for the HTTP request packet for post, note that post is in uppercase Http.cookie contains GUID//filters HTTP packets containing the specified cookie http.request.uri== "/online/ SetPoint "//Filter request URI, value is the part after the domain name http.request.full_uri==" Http://task.browser.360.cn/online/setpoint "// Filtering the entire URL with the domain name requires the use of Http.request.full_urihttp.server contains "nginx"//filter packets containing Nginx characters in the Server field in the HTTP header http.content_ Type = = "text/html"//Filter ConteNt_type is a text/html HTTP response, post package that filters HTTP packets based on file type http.content_encoding = = "gzip"//filter Content_ Encoding is an HTTP packet of gzip http.transfer_encoding = = "chunked"//filter http.content_length by transfer_encoding = = 279http.content_length_header = = "279″//According to the value of content_length filter Http.server// Filter all packets containing the Server field in the HTTP header http.request.version = = "http/1.1"//Filter the http/1.1 version of the HTTP packet, including the request and response Http.response.phrase = = " OK "//filter Phras in HTTP response
TCP Full Analysis:
Wireshark Filter Parsing http/tcp