Nuclear Rooster

19 Jul 2009

Debug with tcpdump – Roll up your sleeves and see what's in those tubes

You can do a lot with TCP/HTTP these days. Websites, messaging, RESTy APIs, SOAP stuff. You know. You get it. But sometimes you end up dealing with applications that are so abstracted from the actual protocols that you never get close to them. Abstract, and forget. But sometimes the easiest way to debug is to get your hands dirty and play with raw meat. Er, raw TCP.

tcpdump to the rescue. Luckily our forefathers wrote some pretty good tools, too. This little snippet will record all TCP interaction with example.com on port 80 and write it to a file.

# Capture every packet to or from example.com on port 80 seen on eth0 and save it to a file.
# -n skips DNS lookups, -s 0 keeps whole packets, -q keeps the console output short.
# -w writes raw binary capture data, so -A (print payload as ASCII) only matters when
# tcpdump prints to the screen; it has no effect on the file.
sudo /usr/sbin/tcpdump -q -n -i eth0 -s 0 -A -w output.txt src or dst example.com and src or dst port 80

The file that -w writes is binary, so if you try to read it directly you can speed up your test/debug cycle by forcing less to open binary files instead of pestering you with questions:

less -f output.txt
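As an added example (not code from the original post), here is a small Python reader for the binary file that tcpdump -w produces: it walks the pcap records, peels off the Ethernet, IPv4 and TCP headers, and lists the request line of every HTTP request in the capture, which is what -A would have shown on screen. It assumes an Ethernet capture carrying IPv4/TCP (what -i eth0 gives you) and builds its sample capture in memory, so nothing in it is real traffic.

```python
# Added example, not from the original post: read the binary pcap file that
# `tcpdump -w` writes and list the request line of each HTTP request in it.
# Assumes Ethernet + IPv4 + TCP; the sample capture below is constructed in memory.
import struct

PCAP_MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # little / big endian

def iter_frames(data):
    """Yield each captured link-layer frame from classic pcap bytes."""
    endian = PCAP_MAGIC[data[:4]]          # KeyError means this is not a pcap file
    offset = 24                            # skip the 24-byte global header
    while offset + 16 <= len(data):        # each record has a 16-byte header
        incl_len = struct.unpack(endian + "I", data[offset + 8:offset + 12])[0]
        offset += 16
        yield data[offset:offset + incl_len]
        offset += incl_len

def tcp_payload(frame):
    """Return (src, dst, sport, dport, payload) for an IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return None                        # not IPv4 over Ethernet, or not TCP
    ihl = (frame[14] & 0x0F) * 4           # IPv4 header length in bytes
    ip, tcp = frame[14:14 + ihl], frame[14 + ihl:]
    if len(tcp) < 20:
        return None                        # truncated TCP header
    src, dst = (".".join(map(str, ip[i:i + 4])) for i in (12, 16))
    sport, dport = struct.unpack("!HH", tcp[:4])
    doff = (tcp[12] >> 4) * 4              # TCP header length in bytes
    return src, dst, sport, dport, tcp[doff:]

def http_request_lines(pcap_bytes):
    """One 'src:port -> dst:port  REQUEST-LINE' string per packet that starts an HTTP request."""
    lines = []
    for src, dst, sport, dport, payload in filter(None, map(tcp_payload, iter_frames(pcap_bytes))):
        first = payload.split(b"\r\n", 1)[0]
        if b" " in first and first.endswith((b"HTTP/1.1", b"HTTP/1.0")):  # requests end in version
            lines.append(f"{src}:{sport} -> {dst}:{dport}  {first.decode('ascii', 'replace')}")
    return lines

def build_sample_pcap():
    """Constructed capture (not real traffic): one GET from 10.0.0.5 to 192.0.2.10 port 80."""
    payload = b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 51234, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0,
                     64, 6, 0, bytes([10, 0, 0, 5]), bytes([192, 0, 2, 10]))
    frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload   # Ethernet header + IPv4 + TCP
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    record = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return header + record + frame
```

Run http_request_lines on the bytes of output.txt to get the same listing for a real capture; anything else on port 80 (responses, non-HTTP) is simply skipped.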

You can do a ton with tcpdump; this is just what I ended up with. Notice the '-i eth0' parameter, which tells tcpdump to listen on the eth0 (primary ethernet) interface. If you want to see your interfaces, you can run 'ifconfig'. If you want to listen to local traffic, for example, you could listen on the 'lo' or loopback interface, which is commonly used to send traffic to local ports.

Abstraction is good, but sometimes you've just gotta roll up your sleeves.
