I want to view HTTP requests and responses with tcpdump, but the
output turns out to contain a lot of "unreadable" characters. Is there
a tcpdump parameter that outputs purely the protocol only?
A simple example:

telnet 192.168.198.6 20080
Trying 192.168.198.6...
Connected to 192.168.198.6 (192.168.198.6).
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.0 401 Unauthorized
Connection: close
Server: nortel Web/1.0
Date: Tuesday, 06-Jul-10 02:25:41 GMT
Content-Type: text/html
Set-Cookie: LOGIN_LEVEL=3; path=/
WWW-Authenticate: Basic realm="Nortel Networks"

<HTML>
<BODY>
nortel Web Server Error Report:<HR>
<H1>Server Error: 401 Unauthorized</H1>
<P><HR><H2>Access denied</H2><P><HR>please mail problems to <A
HREF="mailto:supp...@nortel.com";><ADDRESS>NORTEL</ADDRESS></A>


</BODY></HTML>

Connection closed by foreign host.
-------------

while TCPDUMP produces:
------------------------------
# tcpdump -An tcp dst port 20080
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
08:53:06.460714 IP 123.231.138.118.49019 > 192.168.198.6.20080: S
1698208767:1698208767(0) win 5840 <mss 1460,sackOK,timestamp
3809941593 0,nop,wscale 7>
E..<....@.@.).{..v.....{Npe8.....................
...Y........
08:53:06.470207 IP 123.231.138.118.49019 > 192.168.198.6.20080: . ack
1639662594 win 46 <nop,nop,timestamp 3809941604 89692100>
e.....@.@.*.{..v.....{Npe8..a.D............
...d.X..
08:53:20.287332 IP 123.231.138.118.49019 > 192.168.198.6.20080: P
0:16(16) ack 1 win 46 <nop,nop,timestamp 3809955429 89692100>
e.....@.@.).{..v.....{Npe8..a.D......C.....
..Ne.X..GET / HTTP/1.0

08:53:21.381496 IP 123.231.138.118.49019 > 192.168.198.6.20080: P
16:18(2) ack 1 win 46 <nop,nop,timestamp 3809956524 89693483>
e.....@.@.).{..v.....{Npe8..a.D......5.....
..R..X.+

08:53:21.396543 IP 123.231.138.118.49019 > 192.168.198.6.20080: . ack
466 win 54 <nop,nop,timestamp 3809956539 89693593>
e.....@.@.).{..v.....{Npe8..a.E....6Y......
..R..X..
08:53:21.397166 IP 123.231.138.118.49019 > 192.168.198.6.20080: F
18:18(0) ack 467 win 54 <nop,nop,timestamp 3809956539 89693593>
e.....@.@.).{..v.....{Npe8..a.E....6Y......
..R..X..

6 packets captured
6 packets received by filter
0 packets dropped by kernel

------

Please enlighten me.

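Added example, not part of the original post: tcpdump -A prints every captured byte after the link-layer header, so the 20-byte IP header and 32-byte TCP header show up as noise ahead of the HTTP text. The Python below rebuilds the request segment from the capture and separates payload from headers with the same arithmetic a BPF payload filter uses. Assumptions: the packet bytes are constructed (checksums zeroed), the reply segment is invented to match "ack 466", and all function names are hypothetical.

```python
import struct

# Added example. The capture on the page could be re-run as (filter adapted from
# the example in the pcap-filter man page, port changed to 20080):
#   tcpdump -A -n -s 0 'tcp port 20080 and
#     (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
# -s 0 lifts the 96-byte capture size, "port" (not "dst port") sees both directions,
# and the arithmetic keeps only segments whose TCP payload length is non-zero.

def tcp_payload(ip_packet: bytes) -> bytes:
    """Return the TCP payload of a raw IPv4 packet (link-layer header already removed)."""
    if ip_packet[0] >> 4 != 4 or ip_packet[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (ip_packet[0] & 0x0F) * 4                     # same as (ip[0]&0xf)<<2
    total_len = struct.unpack("!H", ip_packet[2:4])[0]  # same as ip[2:2]
    data_off = (ip_packet[ihl + 12] >> 4) * 4           # same as (tcp[12]&0xf0)>>2
    return ip_packet[ihl + data_off:total_len]

def ascii_dump(data: bytes) -> str:
    """Approximate tcpdump -A rendering: CRLF becomes LF, other non-printables become '.'."""
    data = data.replace(b"\r\n", b"\n")
    return "".join(chr(b) if 32 <= b < 127 or b in (9, 10) else "." for b in data)

def build_sample(payload: bytes) -> bytes:
    """Constructed IPv4/TCP segment using the page's addresses and ports; checksums left 0."""
    tcp = struct.pack("!HHIIBBHHH", 49019, 20080, 1, 1, 8 << 4, 0x18, 46, 0, 0)
    tcp += bytes([1, 1, 8, 10]) + struct.pack("!II", 3809955429, 89692100)  # nop,nop,timestamp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0x4000,
                     64, 6, 0, bytes([123, 231, 138, 118]), bytes([192, 168, 198, 6]))
    return ip + tcp + payload

REQUEST = build_sample(b"GET / HTTP/1.0\r\n")   # the 16-byte segment "0:16(16)" in the capture
# Assumed 465-byte reply segment with the same header sizes (the page only shows "ack 466").
REPLY = build_sample(b"HTTP/1.0 401 Unauthorized\r\n" + b"x" * 438)
ETHERNET_HEADER = 14                              # counted inside the 96-byte capture size

if __name__ == "__main__":
    print(repr(ascii_dump(REQUEST)))              # 52 header bytes as noise, then the request
    print(tcp_payload(REQUEST))                   # payload only
    print(len(tcp_payload(REPLY[:96 - ETHERNET_HEADER])), "of", len(tcp_payload(REPLY)))
```

The line break in the middle of the noise comes from the TCP timestamp option's length byte (0x0a), which -A prints as a newline. tcpdump has no switch that prints only the TCP payload, so the headers are either filtered out afterwards as above or the capture is read with a stream-oriented tool such as tcpflow or ngrep.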