tcpdump mailing list archives
Re: [ tcpdump-Patches-723026 ] Add -A (print ASCII) flag to tcpdump
From: Guy Harris <gharris () sonic net>
Date: Tue, 10 Jun 2003 12:32:04 -0700
On Fri, May 02, 2003 at 03:25:03PM +0200, Jørgen Thomsen wrote:
My idea with the -A option was solely to focus on the payload in a human readable form and not having two types of data mixed. It is to be used when the data you want to analyze is the payload, not the protocol information. I have made good use of the option to capture http packets.
Perhaps the right fix for that is to have an "http_print()" routine that, if "vflag" is <= 1, prints the first line in the TCP segment (after perhaps checking whether the first line looks like an HTTP request or reply), and if "vflag" is > 1, prints the first line and all subsequent lines until it sees a blank line. (The goal here is to avoid printing binary data, although the suggested scheme avoids printing all data, just the HTTP request or reply and the HTTP headers.) Other ASCII protocols (SMTP, FTP, RTSP, SIP, and so on) could work that way also. - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- Re: [ tcpdump-Patches-723026 ] Add -A (print ASCII) flag to tcpdump Guy Harris (May 02)
- <Possible follow-ups>
- RE: Re: [ tcpdump-Patches-723026 ] Add -A (print ASCII) flag to tcpdump Carroll, Shawn (May 02)
- Message not available
- Re: [ tcpdump-Patches-723026 ] Add -A (print ASCII) flag to tcpdump Guy Harris (Jun 10)
- Message not available
- RE: [ tcpdump-Patches-723026 ] Add -A (print ASCII) flag to tcpdump Carroll, Shawn (May 02)