Analyze HTTP traffic with simple command line tools


This “simple” yet effective command shows all incoming and outgoing plaintext HTTP GET and POST requests on TCP port 80, together with the response status lines and the headers that the filter matches.

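# Capture filter: IPv4 total length minus the IP and TCP header lengths != 0, i.e. only segments that carry payload.
# stdbuf, --line-buffered and $|=1 keep every stage line-buffered so requests appear as they arrive.
stdbuf -oL -eL /usr/sbin/tcpdump -A -s 10240 "tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)" | \
    grep -E -a --line-buffered ".+(GET |HTTP\/|POST )|^[A-Za-z0-9-]+: " | \
    perl -nle 'BEGIN{$|=1} { s/.*?(GET |HTTP\/[0-9.]* |POST )/\n$1/g; print }'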
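
The capture filter's arithmetic is the least obvious part of the command. The following Python sketch is an added example, not part of the original page: it evaluates the same expression on constructed IPv4/TCP packets to show why the filter reads both header lengths instead of assuming 20 + 20 bytes. All function names, addresses (documentation range 192.0.2.0/24) and sample packets are made up for illustration.

```python
import struct

def ipv4_tcp_packet(payload, ip_options=b"", tcp_options=b""):
    """Constructed IPv4+TCP packet; checksums stay 0 because the filter ignores them."""
    assert len(ip_options) % 4 == 0 and len(tcp_options) % 4 == 0
    ihl = 5 + len(ip_options) // 4        # IP header length in 32-bit words
    doff = 5 + len(tcp_options) // 4      # TCP data offset in 32-bit words
    total = 4 * (ihl + doff) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, total, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20])) + ip_options
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 1, doff << 4, 0x18,
                      65535, 0, 0) + tcp_options
    return ip + tcp + payload

def payload_length(pkt):
    """ip[2:2] - ((ip[0]&0xf)<<2) - ((tcp[12]&0xf0)>>2), as in the tcpdump filter."""
    ip_total = int.from_bytes(pkt[2:4], "big")  # ip[2:2]: IPv4 total length field
    ip_hlen = (pkt[0] & 0x0F) << 2              # IHL nibble (32-bit words) times 4
    tcp = pkt[ip_hlen:]                         # tcp[] is indexed from the TCP header
    tcp_hlen = (tcp[12] & 0xF0) >> 2            # data offset nibble times 4
    return ip_total - ip_hlen - tcp_hlen

def filter_matches(pkt):
    """True when the segment carries payload, i.e. tcpdump would capture it."""
    return payload_length(pkt) != 0

def naive_payload_length(pkt):
    """What a fixed 20 + 20 byte header assumption would compute instead."""
    return int.from_bytes(pkt[2:4], "big") - 40

# Constructed samples: TCP timestamp option (NOP, NOP, kind 8, length 10) and a request.
TS_OPT = b"\x01\x01\x08\x0a" + bytes(8)
GET = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
SAMPLES = {
    "bare ACK with TCP timestamps": ipv4_tcp_packet(b"", tcp_options=TS_OPT),
    "GET request": ipv4_tcp_packet(GET),
    "GET request with IP and TCP options": ipv4_tcp_packet(GET, b"\x01\x01\x01\x00", TS_OPT),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name}: payload={payload_length(pkt)} "
              f"naive={naive_payload_length(pkt)} captured={filter_matches(pkt)}")
```

The bare ACK shows the difference: a fixed-header calculation reports 12 bytes of "payload" (the timestamp option), while the filter's expression correctly yields 0 and drops the packet.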
docu/csheet/sysadm/script/bash/tcpdump_stdbuf_traffic.1583916859.txt.gz · Last modified: 2020/03/11 08:54 by admin