Re: [ tcpdump-Patches-723026 ] Add -A (print ASCII) flag to tcpdump

[Guy Harris <gharris () sonic net>]

On Fri, May 02, 2003 at 03:25:03PM +0200, Jørgen Thomsen wrote:
> My idea with the -A option was solely to focus on the payload in a
> human readable form and not having two types of data mixed.
> It is to be used when the data you want to analyze is the payload,
> not the protocol information.
> I have made good use of the option to capture http packets.

Perhaps the right fix for that is to have an "http_print()" routine
that, if "vflag" is <= 1, prints the first line in the TCP segment
(after perhaps checking whether the first line looks like an HTTP
request or reply), and if "vflag" is > 1, prints the first line and all
subsequent lines until it sees a blank line.  (The goal here is to avoid
printing binary data, although the suggested scheme avoids printing all
data, just the HTTP request or reply and the HTTP headers.)

Other ASCII protocols (SMTP, FTP, RTSP, SIP, and so on) could work that
way also.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe