HTTP
HTTP is an application layer protocol used in WWW. HTTP enables communications between the HTTP client and HTTP server. Example traffic is shown in the following screenshot. An HTTP GET request is created by the client (browser or cURL), and the HTTP server has responded with the appropriate content type:
HTTP Wireshark filter
Use http to display HTTP packets only. Use TCP port 80 to filter for HTTP traffic only; port 80 is the default HTTP port.
HTTP use cases
The following example shows different use cases where Wireshark can help to analyze HTTP packets.
Finding the top HTTP response time
Open the file
http_01.pcap in the Wireshark, and find the top HTTP response time for the request HTTP get:
Click on Edit | Preferences | Protocols | TCP, uncheck Allow subdissector to reassemble TCP streams. This will help in knowing how many continuation packets there are to get the actual content and it will help in fine-tuning TCP parameters—for example, setting up the TCP window size to reduce the...
