Use tcpdump to sniff HTTP requests
Wed, 10 Apr 2013 08:04:12 +0000
Sometimes you are interested if the software issues proper HTTP requests to the server. You have three options here:
- checking client logs and assume all HTTP requests are reported
- checking server logs to see what have been issued
- using tcpdump for traffic monitoring
I'll show you 3rd method - it's useful if you don't have access to server nor to client logs.
$ sudo tcpdump -s 1024 -l -A dst 192.168.3.120 -i eth0 | grep HTTP ..Hp.c..GET /url/path?param1=value1&OpCode=add&ChannelID=101434 HTTP/1.1 .....c.*GET /url/path?param2=value2&OpCode=add&ChannelID=101434 HTTP/1.1
192.168.3.120 is the server IP address.
Pretty simple and more elegant solution than using full wireshark (and you can use it having only console access).