fork of six-ddc/httpflow on github
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
forest 0e9258c0bd forests oneliner 7 months ago
.gitignore 0.1 4 years ago
.travis.yml update travis config 4 years ago
LICENSE Create LICENSE 4 years ago
Makefile 修复在编译的时候pcap_lib_xxx一些函数找不到的问题 2 years ago
README.md forests oneliner 7 months ago
custom_parser.cpp replace std::regex with pcre 4 years ago
custom_parser.h replace std::regex with pcre 4 years ago
data_link.cpp fixbug 4 years ago
data_link.h support url filter 4 years ago
demo.gif update demo.gif 4 years ago
http_flow.cpp replace std::regex with pcre 4 years ago
http_parser.cpp 0.1 4 years ago
http_parser.h 0.1 4 years ago
util.cpp support url filter 4 years ago
util.h replace std::regex with pcre 4 years ago

README.md

httpflow

Build Status

Installation

MacOs

brew update
brew install httpflow

Linux

Forests oneliner


apt-get install -y libpcap-dev zlib1g-dev libpcre3 libpcre3-dev && git clone https://git.sequentialread.com/forest/httpflow && cd httpflow &&  make && make install

## On CentOS
yum update
yum install libpcap-devel zlib-devel pcre-devel

## On Ubuntu / Debian
apt-get update
apt-get install libpcap-dev zlib1g-dev libpcre3 libpcre3-dev
  • Building httpflow
> git clone https://github.com/six-ddc/httpflow
> cd httpflow &&  make && make install

or directly download Release binary file.

Usage

libpcap version libpcap version 1.8.1 -- Apple version 67.60.1
httpflow version 0.0.5

Usage: httpflow [-i interface | -r pcap-file] [-f packet-filter] [-u url-filter] [-w output-path]

  -i interface      Listen on interface
  -r pcap-file      Read packets from file (which was created by tcpdump with the -w option)
                    Standard input is used if file is '-'
  -f packet-filter  Selects which packets will be dumped
                    If filter expression is given, only packets for which expression is 'true' will be dumped
                    For the expression syntax, see pcap-filter(7)
  -u url-filter     Matches which urls will be dumped
  -w output-path    Write the http request and response to a specific directory

  For more information, see https://github.com/six-ddc/httpflow

  • Capture default interface
> httpflow
  • Capture all interfaces
> httpflow -i any
  • Use the expression to filter the capture results
# If no expression is given, all packets on the net will be dumped.
# For the expression syntax, see pcap-filter(7).
> httpflow -f 'tcp port 80 and host baidu.com'
  • Use the regexp to filter request urls
> httpflow -u '(google.com|httpbin.org)/.*/get'
  • Read packets from file
# tcpdump -w a.cap
> httpflow -r a.cap
  • Read packets from input
> tcpdump -w - | httpflow -r -