Another way for me to track
this problem down is for me to sniff all Safari browsers on MAC’s using HTTP
coming into our webservers.
I will need to create a filter
using the offset values for:
HTTP_USER_AGENT=Mozilla/5.0
(Macintosh; U; Intel Mac OS X 10_4_11; en)
Can anyone help me this
together?
Thanks
john
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Sheahan,
John
Sent: Monday, March 01, 2010 5:38 PM
To: 'Community support list for Wireshark'
Subject: [Wireshark-users] Hex Offset Needed
I am trying to troubleshoot an HTTP problem where the
StatusCode=0 in the HTTP header.
I need to capture packets containing this parameter but since I am doing it on
a Netscout probe, I have no way to figure out the offset of this in a packet.
Can anyone tell me what hex offset I would need to put in as
a filter to capture these packets?
Thanks
John