This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Subject: how to log port 80 activity? From: "Carl Karsten" <cware@mcs.net> Date: Mon, 14 Feb 2000 16:39:22 -0600 I'm trying to use ipchains to figure out what an http GET command looks like. so I want to log all packets to port 80, and then hit it with a browser. ipchains, right? === Subject: Re: how to log port 80 activity? From: Alan Mead <adm@ipat.com> Date: Mon, 14 Feb 2000 17:23:41 -0600 There is a program to do this... blanking on the name... *cat? cat*? It binds to a port and shows you what comes through. Hopefully someone will post a name. Apache, of course, logs 80 but I'm guessing you either aren't running it or it doesn't log enough? === Subject: Re: how to log port 80 activity? From: Aaron Turner <aturner@linuxkb.org> Date: Mon, 14 Feb 2000 15:24:36 -0800 (PST) tcpdump will capture/print the actual packets. === Subject: Re: how to log port 80 activity? From: Aaron Turner <aturner@linuxkb.org> Date: Mon, 14 Feb 2000 15:26:39 -0800 (PST) netcat is what you're looking for. nc is the actual command name. === Subject: Re: how to log port 80 activity? From: Duncan Hill <dhill@bajan.org> Date: Mon, 14 Feb 2000 19:41:23 -0500 (EST) > > > At 04:39 PM 2/14/00 , Carl Karsten wrote: > > > >I'm trying to use ipchains to figure out what an http GET command looks > > > >like. so I want to log all packets to port 80, and then hit it with a Actually, that kind of thing is documented in the RFCs. Offhand, a GET looks something like: GET /path/to/file HTTP/1.0 And 2 carriage returns. POST I've never tried to do by hand. HEAD is useful if you just want the document status. === Subject: Re: how to log port 80 activity? From: Gordon Messmer <yinyang@eburg.com> Date: Mon, 14 Feb 2000 22:49:56 -0800 Carl Karsten wrote: > > I'm trying to use ipchains to figure out what an http GET command looks > like. so I want to log all packets to port 80, and then hit it with a > browser. ipchains, right? use rpmfind to locate and download a package called ngrep. it's libpcap based, so it's very similar to tcpdump. You can use it to view network streams. It's very useful. I beleive that ethereal is another (graphical) tool with a similar function, and is much more complex. I've not gotten it to work right, but haven't played with it that much, either. ===