Logging network activity of LAMP server using BASH

Question

I've got a Fedora LAMP server on Amazon EC2 functioning as a HTTP pseudo-proxy (Sorry, don't know the terminology- It's not a true proxy where requests are relayed through apache, rather client requests are being translated by a PHP script, which then sends a new request.)

I'd like to be able to fully log the HTTP cycle

CLIENT -> PROXY
PROXY -> SERVICE
SERVICE -> PROXY
PROXY -> CLIENT

I'm hoping to do this using BASH tools- thinking netcat? Looking for advice and examples. Thanks!

netcat is a Unix/Linux tool rather than a Bash tool. Perhaps you mean "using Linux tools in a Bash script"? — Dennis Williamson, Apr 29 '10 at 15:58
Correct- I just want to be able to use available shell tools vs having to install new software — Yarin, Apr 29 '10 at 16:02
Gotta say I'm surprised by the radio silence- didn't think this was an obscure question- Does ServerFault not yet have the critical mass of StackOverflow..? — Yarin, May 02 '10 at 12:46
StackOverflow seems to have far more users then ServerFault. — Stefan Lasiewski, May 26 '10 at 18:20

Marco Ramos · Accepted Answer · 2010-05-26T18:16:18.253

1

If I understand your question correctly, I'd use both netcat and tcpdump. tcdump is a *nix tool that dumps the traffic on a network. You can specify things like the NIC you want to dump, the protocol or the source/destination ips.

It's very useful when debugging or troubleshooting networking problems.

More info about tcpdump here and some good examples here.

edited May 26 '10 at 18:16

answered May 26 '10 at 17:10

Marco Ramos

3,120
23
25

Thanks Marcos- How do the two compare? When would you use one over the other? Also, have you used Ethereal, or any other tcpdump guis? – Yarin May 27 '10 at 12:26
@Yarin: in this specific case I'd use tcpdump. And yes, I've used Ethereal and it's great as a Tcpdump GUI (the best, imho :)) – Marco Ramos May 27 '10 at 12:57

Logging network activity of LAMP server using BASH

1 Answers1