dgaudet 98/04/17 15:11:57
Added: src/test tcpdumpscii.txt
Log:
script for decoding ascii in tcpdump output
Revision Changes Path
1.1 apache-1.3/src/test/tcpdumpscii.txt
Index: tcpdumpscii.txt
===================================================================
From [EMAIL PROTECTED] Fri Apr 17 15:16:16 1998
Date: Sat, 22 Nov 1997 20:44:10 -0700 (MST)
From: Marc Slemko <[EMAIL PROTECTED]>
To: TLOSAP <new-httpd@apache.org>
Subject: Re: Getting ethernet packets content under FreeBSD? (fwd)
Reply-To: new-httpd@apache.org
Anyone too lazy to hack tcpdump (eg. my tcpdump has a -X option to display
the data in ASCII) can use something like the below to grab HTTP headers
when debugging broken clients.
Nothing complicated, but handy.
---------- Forwarded message ----------
Date: Sat, 22 Nov 1997 14:35:23 PST
From: Bill Fenner <[EMAIL PROTECTED]>
To: Nate Williams <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Getting ethernet packets content under FreeBSD?
I usually just use this perl script, which I call "tcpdumpscii".
Then run "tcpdumpscii -s 1500 -x [other tcpdump args]".
Bill
#!/import/misc/bin/perl
#
#
open(TCPDUMP,"tcpdump -l @ARGV|");
while (<TCPDUMP>) {
if (/^\s+(\S\S)+/) {
$sav = $_;
$asc = "";
while (s/\s*(\S\S)\s*//) {
$i = hex($1);
if ($i < 32 || $i > 126) {
$asc .= ".";
} else {
$asc .= pack(C,hex($1));
}
}
$foo = "." x length($asc);
$_ = $sav;
s/\t/ /g;
s/^$foo/$asc/;
}
print;
}
