Wireshark · Wireshark-users: Re: [Wireshark-users] WireShark doesn't decode gzip'ed http traffic on Windows

Wireshark-users: Re: [Wireshark-users] WireShark doesn't decode gzip'ed http traffic on Windows

From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>

Date: Wed, 17 Oct 2012 10:19:55 +0100

On 17 October 2012 02:53, ruslan <ruslanv@xxxxxxxxx> wrote:

Hi guys,

For some reason WireShark doesn't decode gzip'ed http traffic on Windows.

My configuration

WireShark 1.8.3
Windows 7 Ultimate x64
WinPcap 4.1.2
Option "Uncompressed entity bodies" is checked in Preferences / Protocols / HTTP.
Here is how my "Follow TCP Stream" dialog looks like:
http://i.stack.imgur.com/pplYM.png

When I first open this dialog radio-button below is set to "Raw", but when I click on "ASCII" nothing changes.

Any ideas ?

I posted this question on SO as well: http://stackoverflow.com/questions/12925769/wireshark-doesnt-decode-gziped-http-traffic-on-windows

If you look at the protocol tree under the "Line-based text data" entry you will see the uncompressed data. The "Follow TCP Stream" dialog just shows the contents of the TCP payload and doesn't interpret it as HTTP or gzipped data or anything else. The buttons on the dialog allow you to set the display format for the stream bytes.

BTW, a better Q&A site to ask Wireshark questions would be http://ask.wireshark.org

Follow-Ups:
- Re: [Wireshark-users] WireShark doesn't decode gzip'ed http traffic on Windows
  - From: Christopher Maynard

References:
- [Wireshark-users] WireShark doesn't decode gzip'ed http traffic on Windows
  - From: ruslan

Prev by Date: [Wireshark-users] WireShark doesn't decode gzip'ed http traffic on Windows
Next by Date: Re: [Wireshark-users] How to easily identify multiple interfaces in wireshark...
Previous by thread: [Wireshark-users] WireShark doesn't decode gzip'ed http traffic on Windows
Next by thread: Re: [Wireshark-users] WireShark doesn't decode gzip'ed http traffic on Windows
Index(es):
- Date
- Thread