check curl http command
The easiest way is to use ngrep
from the command line:
ngrep -W byline host some.site.at.somwhere.com and port 80
Which will dump all of the traffic to/from some.site.at.somwhere.com
on port 80 to stdout. You can also have the output written to a pcap file with the -O
flag:
ngrep -O http-traffic.pcap -W byline host some.site.at.somwhere.com and port 80
Some distributions don't package ngrep
in their main repositories, but tcpdump
is a good alternative in that case and the syntax is similar:
tcpdump -A -s 1600 host some.site.at.somwhere.com and port 80
And to send that to a file, instead:
tcpdump -w http-traffic.pcap -s 1600 host some.site.at.somwhere.com and port 80
Note that the expression host some.site.at.somwhere.com and port 80
is the same regardless of which tool you use. You can read up on that with man pcap-filter
.