tcpdump tip

As I was debugging an issue at work related to http headers being forwarded by haproxy I used a couple tcpdump commands that was great, storing here for future reference .

tcpdump -s 1024 -l -A | grep X-Forwarded-For

tcpdump -s 1024 -l -A src 192.168.9.56 or dst 192.168.9.56

First one will print lines containing X-Forwarded-For, second one let you filter on src and/or destination .
Note that tcpdump by default does not include 127.0.0.1 or ::1 ( lo ) .

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>