hdrgrab sniffs HTTP headers off the wire and writes them into files into the current working directory.
Requests and responses are written into separate files, with '-req' and '-res' identifying each type, respectively.
Each file contains the sets of header fields, separated by blank lines.
Note that hdrgrab makes some effort to remove connection (hop-by-hop) headers, but does not case normalise their names, or manipulate their values.
First you'll need Node and its package manager, npm.
Then, hdrgrab can be installed with npm like this:
sudo npm -g install hdrgrab
which will install dependencies automatically.
Under the covers, hdrgrab relies upon node_pcap, optimist, and
hdrgrab
Start it up like this:
hdrgrab
which will sniff on port 80 and dump headers into the current directory.
hdrgrab 8000
will sniff on port 8000.
On some operating systems, you may need to specify the interface to listen on. For example:
hdrgrab 8000 eth0
and in some cases, you may need permission to listen to the device, making the appropriate command line something like:
sudo hdrgrab 8000 eth0
If npm complains about problems with pcap, like this:
npm ERR! Failed at the [email protected] install script.
it usually means that it couldn't find libpcap when building. See the instructions here: https://github.com/mranney/node_pcap.
On my OSX machine, I have to build like this (becoming root first):
CXXFLAGS=-I/opt/local/include npm -g install hdrgrab
because my pcap headers are in a non-standard place (thanks to MacPorts). YMMV.
Mark Nottingham [email protected]