-------------------------------------------------- From: "Greg Hauptmann" <[email protected]> Sent: Wednesday, July 14, 2010 11:38 PM To: <[email protected]> Subject: [Winpcap-users] how can I get protocol (e.g. HTTP) within TCPpacket, and HTTP fields?
> Hi, > > As background I'm want to be able to, within a capture access: > * what is the protocol within the TCP packets, e.g. HTTP? > (specifically I'm after filter on web traffic) > * what is the Length of the HTTP part > > Q1 - Does WinPCap support getting this? WinPcap provides you the TCP packets. It doesn't provide any code to reconstruct the original TCP stream and parse the HTTP headers. > Q2 - If no, any recommendations re how to? I would have a look at how Wireshark (or snort) does that. Have a nice day GV > > > thanks > _______________________________________________ > Winpcap-users mailing list > [email protected] > https://www.winpcap.org/mailman/listinfo/winpcap-users _______________________________________________ Winpcap-users mailing list [email protected] https://www.winpcap.org/mailman/listinfo/winpcap-users
