User Tools

Site Tools


docu:csheet:sysadm:script:bash:tcpdump_stdbuf_traffic

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
docu:csheet:sysadm:script:bash:tcpdump_stdbuf_traffic [2020/03/11 08:54]
admin
docu:csheet:sysadm:script:bash:tcpdump_stdbuf_traffic [2020/03/11 09:07] (current)
admin
Line 4: Line 4:
 This "simple" and yet effective command will show all the incoming/outgoing HTTP GET and POST plain requests. This "simple" and yet effective command will show all the incoming/outgoing HTTP GET and POST plain requests.
 <code bash> <code bash>
-stdbuf -oL -eL /usr/sbin/tcpdump -A -s 10240 "tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)" | \+stdbuf -oL -eL tcpdump -A -s 10240 "tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)" | \
     egrep -a --line-buffered ".+(GET |HTTP\/|POST )|^[A-Za-z0-9-]+: " | \     egrep -a --line-buffered ".+(GET |HTTP\/|POST )|^[A-Za-z0-9-]+: " | \
-    perl -nle 'BEGIN{$|=1} { s/.*?(GET |HTTP\/[0-9.]* |POST )/\n$1/g; print }'\n+    perl -nle 'BEGIN{$|=1} { s/.*?(GET |HTTP\/[0-9.]* |POST |HEAD )/\n$1/g; print }'\n
 </code> </code>
docu/csheet/sysadm/script/bash/tcpdump_stdbuf_traffic.1583916859.txt.gz · Last modified: 2020/03/11 08:54 by admin