First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

How to disable HTTP protocol dissection in Wireshark?

Hi everyone,

I'm trying to disable the dissection of HTTP protocol in Wireshark for my specific use case. I don't need to analyze HTTP traffic and want to speed up the processing time by removing this feature. I'm running Wireshark as a command-line tool without a graphical user interface.

I've looked through the source code and documentation, but I couldn't find a straightforward way to disable the HTTP protocol dissection. Can anyone point me in the right direction? Is there a specific file or function I need to modify or remove?

Any help would be appreciated. Thank you!

dora's avatar
1
dora
asked 2023-03-27 07:00:04 +0000
edit flag offensive 0 remove flag close merge delete

Comments

I'm running Wireshark as a command-line tool without a graphical user interface.
Do you mean tshark?

Chuckc's avatar Chuckc (2023-03-27 13:15:47 +0000) edit
more
  • delete

yes,it's tshark

dora's avatar dora (2023-03-28 02:12:27 +0000) edit
more
  • delete

Could you use the --disable-protocol option?

Chuckc's avatar Chuckc (2023-03-28 11:40:17 +0000) edit
more
  • delete

Not yet, I'm not aware of this parameter. I can't find an option for --disable-protocol in the CMakeLists.txt file,How do I get more information about this option?

dora's avatar dora (2023-03-29 02:59:02 +0000) edit
more
  • delete

See the tsharkman page: https://www.wireshark.org/docs/man-pa...

Chuckc's avatar Chuckc (2023-03-29 10:40:27 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

What you can do is add http to the disabled_protos file. If that file doesn't exist yet, go through the GUI (Analyze | Enabled Protocols, and search for http), then the file will be created.

Jaap's avatar
13.7k
Jaap
answered 2023-03-27 08:33:12 +0000
edit flag offensive 0 remove flag delete link
more

Comments

You mean create file in the gui graphical interface?i Compile on the command line,not in the GUI

dora's avatar dora (2023-03-29 07:08:23 +0000) edit
more
  • delete

Is there any other way to find this file?

dora's avatar dora (2023-03-29 07:09:16 +0000) edit
more
  • delete

I have found this folder, under /epan, thank you!

dora's avatar dora (2023-03-29 07:12:22 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer