On Fri, Jul 21, 2006 at 05:22:21PM -0700, Stephen Fisher wrote:
> Attached is a patch to packet-http.c that calls a subdissector for
> traffic flowing through a proxy via the HTTP CONNECT method. Most
> protocols, especially SSL, can be tunneled through an HTTP proxy.
> Wireshark currently says this traffic is "Continuation or non-HTTP
> traffic" but this patch turns the payload over to the dissector for the
> protocol being tunneled. This is similar to how the Socks dissector
> works.
I've two related questions regarding your patch: What will that mean in
terms of CPU overhead? What will that mean in terms of long term memory
usage?
ciao
Joerg