Need to check amount of downloaded data from some address when there are connection issues. Such issues are emulated with clumsy. All packets that are received from specific host are filtered by WireShark using following filter: http.host == "mybucket.s3.amazonaws.com". Then I can view length of received packets in Summary (Statistic->Summary), but it shows only 'green' packets. So, is it not correct amount of downloaded data. How I can view amount of of downloaded data for a specific host? asked 16 Sep '14, 11:29  izdryk edited 22 Oct '14, 02:37  JeffMorriss ♦ |
One Answer:
I'm not sure what you mean by 'green' packets, but your filter will only show frames that contain a HTTP Host: header with the mentioned content. That's of course not all frames of the TCP session! It will show just the HTTP request frames which contain that Host: header. You could try filter on
HINT: Wireshark will resolve mybucket.s3.amazonaws.com to an IP address before it builds the filter. As Amazon might return several IP addresses for that name, even different ones for several DNS requests (DNS balancing), the filter might look for the wrong IP address. So, the best way would be to identify the session you are looking for with your first filter
Then try to figure out all server IP addresses matching that name (the destination IP addresses where the HTTP requests were sent to). Then take those IP addresses and build one or more filters to view all frames coming from those servers, aka. the downloaded data.
Regards answered 22 Oct '14, 05:06  Kurt Knochner ♦ |
