Catch only http packets

Oct 21, 2014 at 8:16 AM
Hey , i'm currently working on project that require me to capture (from wireshark) an http packets
(let's say a GET and 200OK pakcets) and then process them in my code - i want to do that just lke the example that you given .
in thus example i try to do that , but the packets didn't Received in Chronological order and didn't display the http's headers .

do i need to use other tool for that ?
my main goal for now is to have access to an http response body-content (i want to save a pic in a new JPEG from the data in the body of the packet).

i really hoping u can help me there :)
Coordinator
Oct 24, 2014 at 12:34 PM
Hi shay_amar87,

TCP packets aren't assured to arrive on chronological order.
Some packets might arrive more than once, some packets will be missing and be retransmitted.
If you want to fully parse the HTTP request and response, you will need to reconstruct the TCP session.
If you want to just get the beginning of the HTTP request and response, you can try and filter out other packets and only treat these ones.

I hope this helps,

Boaz.