| |
| From marcs@znep.com Fri Apr 17 15:16:16 1998 |
| Date: Sat, 22 Nov 1997 20:44:10 -0700 (MST) |
| From: Marc Slemko <marcs@znep.com> |
| To: TLOSAP <new-httpd@apache.org> |
| Subject: Re: Getting ethernet packets content under FreeBSD? (fwd) |
| Reply-To: new-httpd@apache.org |
| |
| Anyone too lazy to hack tcpdump (eg. my tcpdump has a -X option to display |
| the data in ASCII) can use something like the below to grab HTTP headers |
| when debugging broken clients. |
| |
| Nothing complicated, but handy. |
| |
| ---------- Forwarded message ---------- |
| Date: Sat, 22 Nov 1997 14:35:23 PST |
| From: Bill Fenner <fenner@parc.xerox.com> |
| To: Nate Williams <nate@mt.sri.com> |
| Cc: bmah@ca.sandia.gov, hackers@FreeBSD.ORG |
| Subject: Re: Getting ethernet packets content under FreeBSD? |
| |
| I usually just use this perl script, which I call "tcpdumpscii". |
| Then run "tcpdumpscii -s 1500 -x [other tcpdump args]". |
| |
| Bill |
| |
| #!/import/misc/bin/perl |
| # |
| # |
| open(TCPDUMP,"tcpdump -l @ARGV|"); |
| while (<TCPDUMP>) { |
| if (/^\s+(\S\S)+/) { |
| $sav = $_; |
| $asc = ""; |
| while (s/\s*(\S\S)\s*//) { |
| $i = hex($1); |
| if ($i < 32 || $i > 126) { |
| $asc .= "."; |
| } else { |
| $asc .= pack(C,hex($1)); |
| } |
| } |
| $foo = "." x length($asc); |
| $_ = $sav; |
| s/\t/ /g; |
| s/^$foo/$asc/; |
| } |
| print; |
| } |
| |