http过滤
http.request.method == “GET”
http.request.method == “POST”
GET包
http.request.method == “GET” && http contains “Host: “
http.request.method == “GET” && http contains “User-Agent: “
POST包
http.request.method == “POST” && http contains “Host: “
http.request.method == “POST” && http contains “User-Agent: “
响应包
http contains “HTTP/1.1 200 OK” && http contains “Content-Type: “
http contains “HTTP/1.0 200 OK” && http contains “Content-Type: “
协议过滤
tcp,
udp,
arp,
icmp,
http,
smtp,
ftp,
dns,
ip,
ssl