utf-8tcppacketsniffingtcpdump

Sniffing and displaying TCP packets in UTF-8


I am trying to use tcpdump to display the content of tcp packets flowing on my network. I have something like:

tcpdump -i wlan0 -l -A

The -A option displays the content as ASCII text, but my text seems to be UTF-8. Is there a way to display UTF-8 properly using tcpdump? Do you know any other tools which could help?

Many thanks


Solution

  • Make sure your terminal supports outputting UTF-8 and pipe the output to something which replaces non printable characters:

    tcpdump -lnpi lo tcp port 80 -s 16000 -w - | tr -t '[^[:print:]]' ''
    tcpdump -lnpi lo tcp port 80 -s 16000 -w - | strings -e S -n 1
    

    If your terminal does not support UTF-8 you have to convert the output to a supported encoding . E.g.:

    tcpdump -lnpi lo tcp port 80 -s 16000 -w - | tr -t '[^[:print:]]' '' | iconv -c -f utf-8 -t cp1251
    

    -c option tells iconv to omit character which does not have valid representation in the target encoding.