There was a discussion on StackOverflow that might interest you:
http://stackoverflow.com/questions/2257172/http-header-in-a-packets[
^].
I'm not sure what you are up to, but reading the HTT protocol on TCP packet level should prove to be quite entertaining ( though only if you are a masochist ). I suspect you want to trigger some action when certain header values are encountered. To make sure we understand what you are trying to achieve it would be best to explain your goals.
Using proxies could be an alternative if you have any control over the network architecture. I'm affirmative this is
not some kind of intrusion attempt?
Cheers!
—MRB