simsong
Prepare for release 1.6.2
Hey,
Sorry for pushing you but I feel that following changes is worth to be released:
- https://github.com/simsong/tcpflow/pull/252 where modern GCC is fixed;
- https://github.com/simsong/tcpflow/pull/262 where data corruption is fixed;
- https://github.com/simsong/tcpflow/pull/260 where anoyed
report.xmlis removed.
Thus, since 1.6.1 it hasn't got too many changes, that is good because it can be a kind of bugfix release without revolution.
Good idea. I will do what I can . thanks.
On Mon, Jun 17, 2024 at 6:17 AM Kirill A. Korinsky @.***> wrote:
Hey,
Sorry for pushing you but I feel that following changes is worth to be released:
- #252 https://github.com/simsong/tcpflow/pull/252 where modern GCC is fixed;
- #262 https://github.com/simsong/tcpflow/pull/262 where data corruption is fixed;
- #260 https://github.com/simsong/tcpflow/pull/260 where anoyed report.xml is removed.
Thus, since 1.6.1 is hasn't got too many changes, that is good because it can be a kind of bugfix release without revolution.
— Reply to this email directly, view it on GitHub https://github.com/simsong/tcpflow/issues/264, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAMFHLE3BHFB5N5GARFF72LZH2ZUNAVCNFSM6AAAAABJNWNW2OVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM2TMOJWG42TQOA . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Honestly, I had no idea that people were still using this. Yes, I think that we'll have a release over the next week.
Well, tcpflow is the most easy way to dump traffic to stdin in text format. tcpdump -A is noisy, and tcpflow prints only packet payload which is quite useful if you need to see L7 traffic only :)
Just an example:
~ $ doas tcpdump -i lo0 -Anq port 80
tcpdump: listening on lo0, link-type LOOP
15:12:20.679784 127.0.0.1.7190 > 127.0.0.1.80: tcp 0 (DF)
E..@'.@[email protected][email protected].................
.r......
15:12:20.679854 127.0.0.1.80 > 127.0.0.1.7190: tcp 0 (DF)
E..@K.@[email protected][email protected].................
.#!..r..
15:12:20.679878 127.0.0.1.7190 > 127.0.0.1.80: tcp 0 (DF)
E..4 .@[email protected].._e.....(.....
.r...#!.
15:12:20.680329 127.0.0.1.7190 > 127.0.0.1.80: tcp 73 (DF)
E..}..@[email protected].._e.....q.....
.r...#!.GET / HTTP/1.1
Host: 127.0.0.1
User-Agent: curl/8.11.1
Ac
15:12:20.680379 127.0.0.1.80 > 127.0.0.1.7190: tcp 0 (DF)
E..4..@[email protected]...._e.........(.....
.#!..r..
15:12:20.680915 127.0.0.1.80 > 127.0.0.1.7190: tcp 294 (DF)
E..Z.W@[email protected]...._e.........N.....
.#!..r..HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 19 Dec 202
15:12:20.680937 127.0.0.1.7190 > 127.0.0.1.80: tcp 0 (DF)
E..4j8@[email protected]......`......(.....
.r...#!.
15:12:20.681760 127.0.0.1.7190 > 127.0.0.1.80: tcp 0 (DF)
E..4..@[email protected]......`......(.....
.r...#!.
15:12:20.681780 127.0.0.1.80 > 127.0.0.1.7190: tcp 0 (DF)
E..4}.@[email protected]....`..........(.....
.#!..r..
15:12:20.681834 127.0.0.1.80 > 127.0.0.1.7190: tcp 0 (DF)
E..4..@[email protected]....`..........(.....
.#!..r..
15:12:20.681874 127.0.0.1.7190 > 127.0.0.1.80: tcp 0 (DF)
E..4.L@[email protected]......`......(.....
.r...#!.
^C
11 packets received by filter
0 packets dropped by kernel
~ $
vs
~ $ doas tcpflow -i lo0 -c port 80
tcpflow: listening on lo0
127.000.000.001.32164-127.000.000.001.00080: GET / HTTP/1.1
Host: 127.0.0.1
User-Agent: curl/8.11.1
Accept: */*
127.000.000.001.00080-127.000.000.001.32164: HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 19 Dec 2024 14:13:45 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
^Ctcpflow: terminating orderly
~ $
Great idea. DO you want this for 1.6.2 or for 1.7?
Oh, it already does that!