If it's "secure HTTP", it'll show as "SSL" (Secure Sockets Layer, although the current versions of that protocol are called Transport Layer Security, or TLS), and won't show up as HTTP unless Wireshark can decrypt it.Īnd your display filter "ip.addr = 192.168.0.1" will show that traffic only if it's HTTP traffic to or from 192.168.0.1 if that's not the address of the machine on which you're running Wireshark, and not the address of the site to which you're browsing, the traffic between your machine and that site will not have 192.168.0.1 as an IP address (not even if the traffic is being routed through 192.168.0.1) and thus won't be matched by that filter. That traffic will be shown by Wireshark as "HTTP", not "SSDP", and will run over TCP, if it's not "secure HTTP" ("https") traffic. So, yes, it's an HTTP-based protocol, and, yes, it runs atop UDP rather than TCP.īut it's not what's used for normal Web site access. You are displaying all the requests whose responses you are not interested in. Apply a display filter of 'http.request & contains '/URL' Note the ''. As that Wikipedia article says, it is "a text-based protocol based on HTTPU" and "uses the User Datagram Protocol (UDP) as the underlying transport protocol." Wireshark generates fields to correlate HTTP requests and responses, so you can do this with a little work. SSDP is the Simple Service Discovery Protocol.
0 kommentar(er)
