
Why does Wireshark know to use the HTTP protocol to dissect messages from a non-standard HTTP port?


I use tcpdump to capture the messages between the Mesos master and client, and use Wireshark to open the capture.

Why does Wireshark know to use the HTTP protocol to dissect the message even though the port is 5050, not 80? I haven't set any special configuration.


Solution

  • Why does Wireshark know to use the HTTP protocol to dissect the message even though the port is 5050, not 80?

    Because, in the version of Wireshark you're using, there's a "heuristic" version of the HTTP dissector, which is called for any TCP segment that hasn't been dissected by other dissectors; it looks at the packet to see if it looks enough like part of an HTTP request or response and, if it does, dissects it.
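
A simplified sketch of the kind of payload check the answer describes, added here as an example; it is not part of the original answer and is not Wireshark's code. The method list, the length limit, the port table and the sample segments are assumptions constructed for illustration.

```python
import re

# Assumed method list for this sketch; Wireshark's own heuristic differs in detail.
METHODS = (b"GET", b"HEAD", b"POST", b"PUT", b"DELETE",
           b"OPTIONS", b"PATCH", b"CONNECT", b"TRACE")
REQUEST_LINE = re.compile(rb"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/1\.[01]")
STATUS_LINE = re.compile(rb"HTTP/1\.[01] (?P<code>\d{3})(?: .*)?")


def looks_like_http(payload: bytes):
    """Classify a TCP payload as 'request', 'response' or None, ignoring the port."""
    # Only the first line is inspected; a segment without a CRLF line ending
    # is treated as undecidable rather than guessed at.
    first_line, sep, _ = payload.partition(b"\r\n")
    if not sep or len(first_line) > 8192:
        return None
    m = REQUEST_LINE.fullmatch(first_line)
    if m and m.group("method") in METHODS:
        return "request"
    if STATUS_LINE.fullmatch(first_line):
        return "response"
    return None


def dissect(dst_port: int, payload: bytes, port_table: dict):
    """Port table first, heuristic second: the order the answer describes."""
    if dst_port in port_table:
        return port_table[dst_port]
    kind = looks_like_http(payload)
    return f"http-{kind}" if kind else "data"


# Constructed sample segments (not taken from the capture in the question).
SAMPLES = [
    (5050, b"POST /example HTTP/1.1\r\nHost: 10.0.0.1:5050\r\n\r\n"),
    (5050, b"HTTP/1.1 202 Accepted\r\nContent-Length: 0\r\n\r\n"),
    (5050, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),  # TLS ClientHello prefix
    (5050, b"GETX / HTTP/1.1\r\n"),   # unknown method: rejected
    (53, b"GET / HTTP/1.1\r\n\r\n"),  # port already claimed: heuristic never runs
]

if __name__ == "__main__":
    table = {53: "dns"}  # assumed port-to-dissector registration
    for port, data in SAMPLES:
        print(port, dissect(port, data, table))
```

The same property matters for detection work: HTTP on an unexpected port is identified from the payload, so port-based filters alone will not account for it.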