tcpdump mailing list archives
Parsing Traffic From Packets
From: "Travis J. Hicks" <travis () desideratum com>
Date: Fri, 07 Mar 2003 22:59:51 -0600
Hello, I have a project, here's what I need to do. I need to make something that displays the traffic on a specified interface, in hex, using tcpdump. It does not need to show information on the packets themselves, just the traffic. For example, when monitoring the loading of a web page, it would display the GET request, the resulting headers, and the HTML. Executing "sudo tcpdump -i en0 -x" is close to what I want. It would be fairly easy to parse out the IPs and hex data. The problem is, it displays the packet header/footer bytes in addition to the traffic I want to display. So, it seems I need to do some basic parsing of this data. I just need to parse it enough so that I can extract the traffic from the packet. If packets can be delivered out of order, then I would also need to parse it enough to reconstruct the traffic. I am aware that there are tools that accomplish this, but I need to do this with tcpdump. Any suggestions on how to accomplish this? Even a link to the appropriate RFC would be appreciated. Thanks! -- Best Regards, Travis J. Hicks - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- Parsing Traffic From Packets Travis J. Hicks (Mar 07)