Good stuff, thanks for sharing. I always forget you can do indexing into the pac...

therein · on May 30, 2018

This is one of my favorite oneliners:

  sudo stdbuf -oL -eL /usr/sbin/tcpdump -A -s 10240 \
   "tcp port 4080 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)" | \
    grep -a --line-buffered ".+(GET |HTTP\/|POST )|^[A-Za-z0-9-]+: " | \
    perl -nle 'BEGIN{$|=1} { s/.*?(GET |HTTP\/[0-9.]* |POST )/\n$1/g; print }'

linedash · on June 1, 2018

fyi you should be able to use tcpdump -l instead of calling stdbuf.