Victor,
There are two parts to the answer.
1. To capture you SOAP traffic on TCP port 9876, the capture filter just needs to be "tcp port 9876 and host 192.168.2.173"
2. By default Wireshark won't know that the traffic on TCP 9876 is HTTP/XML. To get it recognise this, simply right click in the packet list on one of the TCP 9876 frames and select Decode As... Then go to the Transport tab and select HTTP. You should then be done.
You can also permanently configure 9876 as a valid HTTP port in the Configure:Protocols menu item for HTTP.
Regards, Martin
MartinVisser99@xxxxxxxxx
On Sat, Sep 11, 2010 at 12:30 AM, Victor Hugo Jabur Passavaz
<victorjabur@xxxxxxxxx> wrote:
Hello,
I have a webservice and your endpoint is: http://192.168.2.173:80/ts?wsdl
For each invoke that i make for webservice, the wireshark capture some TCP packages and "HTTP/XML" protocol, request and response. I am interested in only protocol "HTTP/XML".
For this capture i use this capture filter: "tcp port http and host 192.168.2.173". It Works.
My question is: Th wireshark only capture my soap message if my webservice is running at port 80.
I tried to make this capture filter: "host 192.168.2.173"
But with this filter, the packets "HTTP/XML" isn't captured. Just any TCP packets is captured
If i change my port from 80 to 9876 for example, what "capture filter" i should use and why "HTTP/XML" packages is captured when and only my webservice is running at port 80 ?
Thanks.
Victor Jabur
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe