Reputation: 23
Wireshark HTTP Trace
How do I trace the path of HTTP packets using Wireshark. When I filter out using keyword "HTTP", all I see is just the source and destination IP addresses, rather for every HTTP request I would want to see what path did it take with their IP addresses. I would like to see an output similar to traceroute.
Upvotes: 1
Views: 1203
Answers (1)
Reputation:
It is impossible for a sniffer program to determine the full path that an IP packet took merely by looking at the packet, unless one of the IP "record route" options was used, so that the packet, as received by the program, contains the full route. That option is rarely, if ever, set.
In addition, that wouldn't help for packets sent by the machine running the sniffer program - you have to capture packets on the final machine in order for the recorded route to have the full path.
So, no, Wireshark can't do this, tcpdump can't do this, Microsoft Network Monitor can't do this, KSniffer can't do this, NetScout Sniffer can't do this, OmniPeek can't do this, no sniffer can do this.
Upvotes: 2
Related Questions
- HTTP requests trace
- Wireshark not showing http protocols
- http request statistics in wireshark
- Why I can not read http request with wireshark?
- Wireshark, simple way to find http request posts
- how to capture HTTP packets in wireshark
- Wireshark saving filter result
- how can I configure wireshark to capture to not-80 port http request?
- Wireshark HTTP requests
- How can I extract HTTP data going over SOCKS with Wireshark?