User Tools

Site Tools


This is an old revision of the document!

Analyze HTTP traffic with simple command line tools

This “simple” and yet effective command will show all the incoming/outgoing HTTP GET and POST plain requests.

 stdbuf -oL -eL /usr/sbin/tcpdump -A -s 10240 "tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)" | egrep -a --line-buffered ".+(GET |HTTP\/|POST )|^[A-Za-z0-9-]+: " | perl -nle 'BEGIN{$|=1} { s/.*?(GET |HTTP\/[0-9.]* |POST )/\n$1/g; print }'\n
docu/csheet/sysadm/script/bash/tcpdump_stdbuf_traffic.1583916787.txt.gz · Last modified: 2020/03/11 08:53 by admin