Human readable format for http headers with tcpdump
Here’s a one-liner I came up with for displaying request and response HTTP headers using tcpdump (which should work for your case too): sudo tcpdump -A -s 10240 ‘tcp port 4080 and (((ip[2:2] – ((ip[0]&0xf)<<2)) – ((tcp[12]&0xf0)>>2)) != 0)’ | egrep –line-buffered “^……..(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: ” | sed -r ‘s/^……..(GET |HTTP\/|POST |HEAD )/\n\1/g’ It … Read more