Re: [ tcpdump-Patches-723026 ] Add -A (print ASCII) flag to tcpdump

[Guy Harris <gharris () sonic net>]

On Thu, Apr 17, 2003 at 02:09:19AM -0700, SourceForge.net wrote:
> Patches item #723026, was opened at 2003-04-17 11:09
> Message generated for change (Tracker Item Submitted) made by Item Submitter
> You can respond by visiting: 
> https://sourceforge.net/tracker/?func=detail&atid=469575&aid=723026&group_id=53066
>
> Category: None
> Group: None
> Status: Open
> Resolution: None
> Priority: 5
> Submitted By: Rene de Vries (renedevries)
> Assigned to: Nobody/Anonymous (nobody)
> Summary: Add -A (print ASCII) flag to tcpdump
>
> Initial Comment:
> Print the payload of TCP packets in human-readable (ASCII) format. 
> This can be usefull when debugging readable protocols (like SMTP, 
> HTTP, etc).
>
> Author: Edwin H. Kremer <edwin () tunix nl>

The current CVS tcpdump already has a "-A" flag; the man page says:

       -A     Print  each packet (minus its link level header) in
              ASCII.  Handy for capturing web pages.

"Print each packet (minus its link level header)" means "print
everything except for the link-layer header", which means it prints IP
and TCP headers in ASCII, as well as the payload.

Your patch appears to print only the TCP payload in ASCII.

It seems to me that the latter, i.e. printing only the TCP payload,
makes more sense - the IP and TCP headers aren't ASCII text, but at
least some of an HTTP request or reply is (not all of it necessarily is,
you could be downloading Pamela Anderson's Greatest T^HHits, for
example).

Does anybody else have any comments?
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe