How do I make tcpdump not print the tcp headers?
As Josh suggests, tcpflow can print just the TCP packet data to a file or STDOUT. You can pipe tcpdump to tcpflow like this:
tcpdump -i lo -l -w - port 23 | tcpflow -C -r -
To only view one side of the conversation, you can use filters for tcpdump, e.g. dst port 23
.
I feel the most elegant solution is just to ditch tcpdump. No pipes of any kind:
tcpflow -c port 6667
And that's it.
I'm not sure about the exact syntax for tcpdump
... in fact, I have marked this question as a favorite because I would like to know! But as an alternative solution, you could try using tcpflow
instead. It works essentially the same way, but it prints ASCII output much better; it excluded the headers and prints packets sequentially as a flow, so it's easier to read and follow at times than tcpdump
.