tcpdump mailing list archives

Parsing Traffic From Packets


From: "Travis J. Hicks" <travis () desideratum com>
Date: Fri, 07 Mar 2003 22:59:51 -0600

Hello,

I have a project; here's what I need to do.  I need to make something that
displays the traffic on a specified interface, in hex, using tcpdump.  It
does not need to show information on the packets themselves, just the
traffic.  For example, when monitoring the loading of a web page, it would
display the GET request, the resulting headers, and the HTML.

Executing "sudo tcpdump -i en0 -x" is close to what I want.  It would be
fairly easy to parse out the IPs and hex data.  The problem is, it displays
the packet header/footer bytes in addition to the traffic I want to display.
So, it seems I need to do some basic parsing of this data.  I just need to
parse it enough so that I can extract the traffic from the packet.  If
packets can be delivered out of order, then I would also need to parse it
enough to reconstruct the traffic.

I am aware that there are tools that accomplish this, but I need to do this
with tcpdump.  Any suggestions on how to accomplish this?  Even a link to
the appropriate RFC would be appreciated.  Thanks!



-- 
Best Regards,
Travis J. Hicks

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
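
The following Python example is added here and is not from the original message or the tcpdump project. It parses `tcpdump -x` text, skips the IPv4 and TCP headers using their length fields (RFC 791, RFC 793), and orders the payloads by TCP sequence number; the function names and the sample capture are constructed for illustration.

```python
import re
import struct

HEX_ROW = re.compile(r"^\s+(?:0x[0-9a-f]+:\s+)?([0-9a-f\s]+)$", re.I)

def packets(dump):
    """Yield each packet (IP header onward) from `tcpdump -x` text.
    Hex rows are indented and may carry a "0x0010:" offset column."""
    buf = bytearray()
    for line in dump.splitlines() + [""]:  # sentinel flushes the last packet
        row = HEX_ROW.match(line)
        if row:
            buf += bytes.fromhex("".join(row.group(1).split()))
        elif buf:  # any non-hex line ends the packet being collected
            yield bytes(buf)
            buf = bytearray()

def tcp_segment(pkt):
    """Return (flow, seq, payload) for an IPv4/TCP packet, else None."""
    if len(pkt) < 40 or pkt[0] >> 4 != 4 or pkt[9] != 6 or pkt[6] & 0x3F or pkt[7]:
        return None  # too short, not IPv4/TCP, or an IP fragment
    ihl = (pkt[0] & 0x0F) * 4  # IP header length in bytes (RFC 791)
    doff = (pkt[ihl + 12] >> 4) * 4 if len(pkt) >= ihl + 20 else 0  # TCP, RFC 793
    if ihl < 20 or doff < 20:
        return None
    sport, dport, seq = struct.unpack("!HHI", pkt[ihl:ihl + 8])
    src, dst = (".".join(map(str, pkt[i:i + 4])) for i in (12, 16))
    end = int.from_bytes(pkt[2:4], "big")  # IP total length trims link padding
    return (src, sport, dst, dport), seq, pkt[ihl + doff:end]

def reassemble(dump):
    """Per-flow payload in sequence order; ignores seq wraparound, overlaps, gaps."""
    segs = {}
    for flow, seq, data in filter(None, map(tcp_segment, packets(dump))):
        if data:  # skip bare ACKs, which share a sequence number with later data
            segs.setdefault(flow, {}).setdefault(seq, data)  # first copy wins
    return {f: b"".join(d[s] for s in sorted(d)) for f, d in segs.items()}

# Constructed sample: two segments captured out of order, checksums zeroed.
SAMPLE = """\
22:59:51.000002 10.0.0.1.1234 > 10.0.0.2.80: P 9:17(8) ack 1 win 65535
    0x0000:  4500 0030 0002 4000 4006 0000 0a00 0001
    0x0010:  0a00 0002 04d2 0050 0000 03f0 0000 0001
    0x0020:  5018 ffff 0000 0000 5450 2f31 2e30 0d0a
22:59:51.000001 10.0.0.1.1234 > 10.0.0.2.80: P 1:9(8) ack 1 win 65535
    4500 0030 0001 4000 4006 0000 0a00 0001
    0a00 0002 04d2 0050 0000 03e8 0000 0001
    5018 ffff 0000 0000 4745 5420 2f20 4854
"""
```

Calling `reassemble(SAMPLE)` returns one flow whose payload is the request line in the right order. The payload is only complete if the capture kept whole packets; a short snapshot length truncates it, and `-s 0` asks tcpdump for full packets.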

