Wireshark mailing list archives

Re: where can I find the ip src address in packet-http.c

From: James Deucker <jimd () bragi0 com>
Date: Wed, 8 Dec 2010 15:35:47 +1100

Hi,

what you're most likely after is

if (pinfo->match_port == pinfo->destport)
{

-- 
thanks,

James

On 7 December 2010 15:04, 刘昆 <liukunmeister () gmail com> wrote:

 于 2010年12月07日 11:56, Guy Harris 写道:


On Dec 6, 2010, at 7:48 PM, 刘昆 wrote:

I have solve this problem about get ip address.However there is
another question,When I print the ip address I notice there are two
ip addresses I get.


 Yes, there are two IP addresses in every IP packet - the source address,
pinfo->src, and the destination address, pinfo->dst.  pinfo->src has only
one IP address, and pinfo->dot has only one IP address.

I think this because there are two kinds of packet in or out.So how to
judge a packet is in or out ?


 What do you mean by "in" and "out"?  For HTTP traffic, you usually have
traffic going from the client (for example, a browser) to the server, and
traffic going from the server to the client.  You would have to look at
whether the packet is an HTTP request (which goes from the client to the
server) or an HTTP reply (which goes from the server to the client) to
determine in which direction the packet is going.


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org> <wireshark-dev () wireshark org>

Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe <wireshark-dev-request () wireshark 
org?subject=unsubscribe>

 Yes,this is what exactly I mean.  So how should I judge a packet is a
request or reply in packet-http.c?

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

where can I find the ip src address in packet-http.c 刘昆 (Dec 06)
- Re: where can I find the ip src address in packet-http.c Guy Harris (Dec 06)
  - Re: where can I find the ip src address in packet-http.c Bill Meier (Dec 06)
  - Re: where can I find the ip src address in packet-http.c 刘昆 (Dec 06)
    - Re: where can I find the ip src address in packet-http.c Guy Harris (Dec 06)
    - Re: where can I find the ip src address in packet-http.c 刘昆 (Dec 06)
    - Re: where can I find the ip src address in packet-http.c Guy Harris (Dec 06)
    - Re: where can I find the ip src address in packet-http.c 刘昆 (Dec 06)
    - Re: where can I find the ip src address in packet-http.c Richard Sharpe (Dec 06)
    - Re: where can I find the ip src address in packet-http.c James Deucker (Dec 07)