MostlyChris

Thoughts that are my own.

Tcpdump for Wireshark

I have this problem. I am trying to send a SOAP request to a provider of information I need. In order to make this request correctly, I have to provide a value as a LONG. For whatever reason, they are not getting what I think I am sending. Therefore, I need a way to see what I am sending. Sure, I can use tcpdump to view the packets, but I can’t decode this stuff. Wireshark comes to mind. The problem is, I am not doing this on a local box and Wireshark is GUI based. What to do…what to do? Here’s how I am handling the issue.

First, I output my tcpdump results to a file:

tcpdump -i eth0 -s 0 -w dump.out port 80

I then import this file to a box that I have Wireshark running on and I can now view the conversation. Of course, this doesn’t work if you want to follow something real-time but it at least works if you want to do some troubleshooting like I am.

Of course, if you have a better way of doing this, leave a comment.
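As an added example (not code from the original post): a minimal Python reader for the classic pcap file that `tcpdump -w` writes, which pulls out the TCP payload of each port-80 packet so the request body can be checked on the remote box itself. It assumes an Ethernet capture over IPv4 and does not reassemble TCP streams; `sample_pcap()` builds a constructed one-packet capture, and the host name, path and `<id>` element in it are made up for illustration.

```python
import struct
import sys

LE_MAGIC = (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1")  # usec / nsec timestamps
BE_MAGIC = (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d")

def tcp_payloads(pcap, port=80):
    """Yield (src_port, dst_port, payload) for IPv4/TCP packets on `port`."""
    if pcap[:4] in LE_MAGIC:
        end = "<"
    elif pcap[:4] in BE_MAGIC:
        end = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                           # too short, not IPv4, or not TCP
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        total = struct.unpack("!H", ip[2:4])[0] or len(ip)  # 0 when offloaded
        tcp = ip[ihl:total]                    # drops any Ethernet padding
        if len(tcp) < 20:
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        payload = tcp[(tcp[12] >> 4) * 4:]     # skip TCP header and options
        if payload and port in (sport, dport):
            yield sport, dport, payload

def sample_pcap():
    """Constructed one-packet capture: client port 40000 to server port 80."""
    body = b"POST /service HTTP/1.1\r\nHost: provider.example\r\n\r\n<id>1234567890123</id>"
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + body
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + tcp
    frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_pcap()
    for sport, dport, payload in tcp_payloads(data):
        print(f"{sport} -> {dport}\n{payload.decode('latin-1')}\n")
```

Run with the capture file as the only argument (for example `dump.out`); without an argument it prints the constructed sample.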
