1

I am trying to monitor the network activity of a specific application on an Android device. In the application that I am attempting to monitor, I am communicating with an HTTP server that is running remotely. There are obviously different ways of querying the server, and I am trying to gather statistics on those different types of queries (round-trip-time of packets, etc.).

After some research I have decided to give tcpdump a shot. I am trying to view the contents of packets using the -A option; I figured that after spitting out the contents of the packets I could parse the query type out of the packet body and sort them according to the type. However, it seems that using the -A option just gives me a bunch of garbage. Am I misinterpreting what the -A option actually does? According to this example here, http://code.google.com/apis/gdata/articles/wireshark.html, I should be seeing some human-readable form of the output.

After some research I have found that it is possible that the garbage being spit out is just compressed data. If this is the case, is it possible to decompress it?

Forgive me if I sound naive; I am relatively new to this stuff. Any help would be greatly appreciated. Thanks!

rach5000

1 Answer

1

Wireshark has quite a few statistics built into it; why can't you just use that?

If you need a way to do it programmatically, check out TShark (the command-line version of Wireshark); it could be quite good for this.

http://kevin.vanzonneveld.net/techblog/article/analyze_http_requests_with_tshark/

Nick
  • 1
    Thanks, Nick. I might have to log the output and transfer that back to my computer to analyze with Wireshark. I was just hoping there was a way of doing this programmatically. Hopefully I can still get an answer on the -A answer. – rach5000 Feb 27 '12 at 03:02