*n*x: capturing http traffic
Posted by jpluimers on 2015/04/20
Below are some links to get me started on capturing HTTP traffic.
Some tools mentioned in these links, with * marking the ones available on the distribution I use:
- tcpdump * with Manpage of TCPDUMP.
- wireshark that includes the command-line tshark *.
- tcpflow *.
- httpry.
- Justniffer.
- dsniff *.
- ngrep.
- socat.
- netcat *.
- mkfifo *.
- chaosreader.
Here we go:
- Packet sniffing – Noah.org.
- networking – On-the-fly monitoring HTTP requests on a network interface? – Unix & Linux Stack Exchange.
- monitoring – How to monitor incoming http requests – Unix & Linux Stack Exchange.
- networking – What’s the easiest way to sniff TCP traffic data on Linux? – Super User.
- A tcpdump Primer.
- tcpdump examples.
- Use TCPDUMP to Monitor HTTP Traffic – jimmyxu101.
- tshark – Monitoring HTTP traffic using tcpdump – Server Fault.
- tshark filters.
- tcp – How to capture ack or syn packets by Tcpdump? – Server Fault.
- man page pcap-filter section 7.
- DisplayFilters – The Wireshark Wiki.
- Wireshark · Display Filter Reference: Index.
- Wireshark · Display Filter Reference: Transmission Control Protocol.
- CaptureFilters – The Wireshark Wiki.
- wireshark – Why do I see a RST, ACK packet instead of a RST packet? – Network Engineering Stack Exchange.
- Understanding TCP Sequence and Acknowledgment Numbers – PacketLife.net.
- linux – How to safely capture or duplicate incoming requests to a web server – Server Fault.
- tcpflow — A tcp ip session reassembler · simsong/tcpflow Wiki.
- Using tcpflow to see what is being sent on your network.
- Running a network trace on the command line using tcpflow.
- How to Install and Use tcpflow.
I needed this when connecting 2 ISPs to my internal networks and some connections would not work.
Links for that:
- networking – Hooking Linux machine to secondary router/ISP: how to setup routing correctly? – Super User.
- Ishoni: How to making Linux multihomed to connect to 2 ISP.
- Linux Dual Network Route Hack Multi-Homing | Sivel.net.
- Overcoming Asymmetric Routing on Multi-Homed Servers | Linux Journal.
- ipv6 – Best practice for dual-homing site with two ISPs? – Network Engineering Stack Exchange.
- multi-homed site:stackexchange.com – Google Search.
- multi-homed site:serverfault.com – Google Search.
- multi-homed site:superuser.com – Google Search.
–jeroen