Date: Thu, 06 Jun 2002 12:20:51 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: freebsd-questions@FreeBSD.org Subject: Sniffing HTTP requests off the wire Message-ID: <3545.1023358851@axl.seasidesoftware.co.za>
next in thread | raw e-mail | index | archive | help
Hi folks, There are times when I'd like to sniff the HTTP requests seen by my firewall. Although I can use smbfs to mount the IIS logs of the protected web servers, the Wintendo servers lock the currently active log file such that I can't cp or grep it (or anything it, actually). Very annoying. I'm interested in the HTTP request and the IP address of the requesting host. I'm also interested in the HTTP headers( like referer), cookie contents etc, but that's all secondary. I know I can just use 'tcpdump -s 1500 -x -X dst port 80' and cook the output myself, but I'm hoping there's already something out there that does the cooking for me. First prize would be to get output in common log format, as used by Apache, but obviously beggars can't be choosers. Anything in the ports tree? Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3545.1023358851>