Wireshark mailing list archives

Re: where can I find the ip src address in packet-http.c


From: Richard Sharpe <realrichardsharpe () gmail com>
Date: Mon, 6 Dec 2010 23:08:48 -0500

On Mon, Dec 6, 2010 at 11:04 PM, 刘昆 <liukunmeister () gmail com> wrote:
On 2010-12-07 11:56, Guy Harris wrote:

On Dec 6, 2010, at 7:48 PM, 刘昆 wrote:

I have solved this problem about getting the IP address. However, there is
another question: when I print the IP address I notice there are two
IP addresses I get.

Yes, there are two IP addresses in every IP packet - the source address,
pinfo->src, and the destination address, pinfo->dst.  pinfo->src has only
one IP address, and pinfo->dst has only one IP address.

I think this is because there are two kinds of packet, in or out. So how to judge
whether a packet is in or out?

What do you mean by "in" and "out"?  For HTTP traffic, you usually have
traffic going from the client (for example, a browser) to the server, and
traffic going from the server to the client.  You would have to look at
whether the packet is an HTTP request (which goes from the client to the
server) or an HTTP reply (which goes from the server to the client) to
determine in which direction the packet is going.


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Yes, this is exactly what I mean.  So how should I judge whether a packet is a
request or reply in packet-http.c?

Ummm, in a request the dst port is 80, in a reply the src port is 80.
This is basic TCP/IP stuff.

-- 
Regards,
Richard Sharpe
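
The two answers in this thread (look at whether the payload is an HTTP request or reply; compare the ports against 80) can be combined, which matters when the server is not on port 80. The stand-alone C sketch below is an added example, not code from packet-http.c or from any poster; the type and function names, port numbers and payloads are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

typedef enum { DIR_UNKNOWN, DIR_REQUEST, DIR_REPLY } http_dir_t;  /* hypothetical names */

/* Classify by the HTTP start line: a reply starts with "HTTP/", a request
 * is "<METHOD> <target> HTTP/<version>". Anything else is UNKNOWN. */
static http_dir_t classify_start_line(const char *data, size_t len)
{
    const char *eol = len ? memchr(data, '\n', len) : NULL;
    size_t n = eol ? (size_t)(eol - data) : len;      /* length of first line */
    size_t i = 0, j;

    if (n >= 5 && memcmp(data, "HTTP/", 5) == 0)
        return DIR_REPLY;
    while (i < n && isupper((unsigned char)data[i]))  /* method token (simplified) */
        i++;
    if (i == 0 || i >= n || data[i] != ' ')
        return DIR_UNKNOWN;
    for (j = n; data[j - 1] != ' '; j--)              /* j = index after last space */
        ;
    if (j - 1 > i && n - j >= 5 && memcmp(data + j, "HTTP/", 5) == 0)
        return DIR_REQUEST;
    return DIR_UNKNOWN;
}

/* Prefer the payload; fall back to the port-80 rule for segments that carry
 * no start line (for example a body continuation). */
static http_dir_t http_direction(unsigned srcport, unsigned destport,
                                 const char *payload, size_t len)
{
    http_dir_t d = classify_start_line(payload, len);
    if (d != DIR_UNKNOWN)
        return d;
    if (destport == 80 && srcport != 80)
        return DIR_REQUEST;
    if (srcport == 80 && destport != 80)
        return DIR_REPLY;
    return DIR_UNKNOWN;
}

int main(void)
{
    static const char req[] = "GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"; /* constructed */
    static const char rsp[] = "HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n";            /* constructed */
    printf("%d %d\n", http_direction(51000, 8080, req, sizeof req - 1),
                      http_direction(8080, 51000, rsp, sizeof rsp - 1));
    return 0;
}
```

With the constructed port-8080 samples the port rule alone gives no answer, while the start-line check still identifies the request and the reply.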