You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
forest
51886373c9
|
3 years ago | |
---|---|---|
.gitignore | 8 years ago | |
.travis.yml | 8 years ago | |
LICENSE | 8 years ago | |
Makefile | 6 years ago | |
README.md | 3 years ago | |
custom_parser.cpp | 8 years ago | |
custom_parser.h | 8 years ago | |
data_link.cpp | 8 years ago | |
data_link.h | 8 years ago | |
demo.gif | 8 years ago | |
http_flow.cpp | 8 years ago | |
http_parser.cpp | 8 years ago | |
http_parser.h | 8 years ago | |
util.cpp | 8 years ago | |
util.h | 8 years ago |
README.md
httpflow
Installation
MacOs
brew update
brew install httpflow
Linux
Forests oneliner for debian / ubuntu
apt-get install -y g++ libpcap-dev zlib1g-dev libpcre3 libpcre3-dev && git clone https://git.sequentialread.com/forest/httpflow && cd httpflow && make && make install
Forests oneliner for alpine linux
apk update && apk add make g++ libpcap-dev zlib-dev pcre pcre-dev && git clone https://git.sequentialread.com/forest/httpflow && cd httpflow && make && make install
## On CentOS
yum update
yum install libpcap-devel zlib-devel pcre-devel
## On Ubuntu / Debian
apt-get update
apt-get install libpcap-dev zlib1g-dev libpcre3 libpcre3-dev
- Building httpflow
> git clone https://github.com/six-ddc/httpflow
> cd httpflow && make && make install
or directly download Release binary file.
Usage
libpcap version libpcap version 1.8.1 -- Apple version 67.60.1
httpflow version 0.0.5
Usage: httpflow [-i interface | -r pcap-file] [-f packet-filter] [-u url-filter] [-w output-path]
-i interface Listen on interface
-r pcap-file Read packets from file (which was created by tcpdump with the -w option)
Standard input is used if file is '-'
-f packet-filter Selects which packets will be dumped
If filter expression is given, only packets for which expression is 'true' will be dumped
For the expression syntax, see pcap-filter(7)
-u url-filter Matches which urls will be dumped
-w output-path Write the http request and response to a specific directory
For more information, see https://github.com/six-ddc/httpflow
- Capture default interface
> httpflow
- Capture all interfaces
> httpflow -i any
- Use the expression to filter the capture results
# If no expression is given, all packets on the net will be dumped.
# For the expression syntax, see pcap-filter(7).
> httpflow -f 'tcp port 80 and host baidu.com'
- Use the regexp to filter request urls
> httpflow -u '(google.com|httpbin.org)/.*/get'
- Read packets from file
# tcpdump -w a.cap
> httpflow -r a.cap
- Read packets from input
> tcpdump -w - | httpflow -r -