[plug] network sniffer

Leon Brooks leonb at bounce.networx.net.au
Wed Oct 13 19:22:54 WST 1999


c.i.n at iname.com wrote:
> I'm after a network sniffer for Linux  that can be used to
> examine packet contents. I'll be using it to monitor HTTP headers. I've
> tried 'snoop' and 'tcpdump' but they display packet contents in HEX [...] whereas I would like a purely ASCII view
> of the HTTP packet contents for my perusal. I'm after something which has
> nice display format for my purpose (ie. reading ASCII),

> Any suggestions?

Yup, two.

1. grab the source for tcpdump and add a -A (ASCII dump) option by
modifying the -x option. Return your addition to the author so everyone
benefits. You might want to consider turning unprintable characters in,
say, a dot.

2. wrap tcpdump in a PERL, shell, TCL or even gawk script to convert the
hex to ASCII (pair the digits, prepend 0x, feed the result through a
printf program/function).


More information about the plug mailing list