Re: tcpdump

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



David G. Miller wrote:
Aly Dharshi <aly.dharshi@xxxxxxxxx> wrote:

Hello Kaushal, I hope that you are well. tcpdump -i ethX port 80 Where X would be a number so eth0 or eth1, you can also refine this with "src port" and "dst port" expressions, have you tried using wireshark instead if you are using an X system ? Cheers, Aly. Kaushal Shriyan wrote:
> Hi
> > How do i capture http request and response using tcpdump
> > Thanks and Regards
> > Kaushal
>
This approach only captures the HTTP requests. It will not capture the response since the response will not be through port 80; the response to a request will be to some randomly assigned, non-privileged port.

That is not so: tcpdump's "port" parameter matches if the port appears on the source OR destination. And although an ephemeral port is used on the receive side, it is sent from the web server using port 80, and so matches the tcpdump filter. Give it a try.

-Andy



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux