Newbie question …
I’m trying to use tshark to analyze traffic to port 8090 on another machine. The traffic is all HTTP PUTs and reponses. I’m able to specify the port number for capture (“tcp port 8090”), and the http filter works when if I use port 80 instead, but I can’t get them to work in conjunction. Is there a way to make this work?
If not, could someone point me to the source and toolset that were used to produce http.cap? Maybe I can tweak it for port 8090?