Red HatThis forum is for the discussion of Red Hat Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
That's not dependent on your firewall settings (unless your firewall is configured to log requests on port 80, 443, 8080, etc. If you have a web server running, you can use a text editor to look through the access and error logs for Apache.
You could use netstat to see the TCP connections, or iptstate to view the iptables connections table. Or, you can use a packet sniffer (ethereal, tcpdump) to monitor the traffic on the web ports as they happen. This will generate a lot of data though - what was it you needed to do?
That's not dependent on your firewall settings (unless your firewall is configured to log requests on port 80, 443, 8080, etc. If you have a web server running, you can use a text editor to look through the access and error logs for Apache.
You could use netstat to see the TCP connections, or iptstate to view the iptables connections table. Or, you can use a packet sniffer (ethereal, tcpdump) to monitor the traffic on the web ports as they happen. This will generate a lot of data though - what was it you needed to do?
Simply, I would like to be able to view the current web addresses requested from the machine.
The fields are (see http://httpd.apache.org/docs/2.0/logs.html for more detail):
- IP address of the requestor;
- Identity returned by identd (not populated unless IdentityCheck is set to On);
- userid of the document requestor as determined by HTTP authentication;
- The time that the request was received;
- The request line from the client is given in double quotes;
- The status code that the server sent back to the client;
- The size of the object returned to the client, not including the response headers;
- The "Referer" (sic) HTTP request header;
- The User-Agent HTTP request header.
You can view this raw data with the tail command (alter it for your site):
Code:
tail -f /var/log/httpd/access.log
Or you can use a log-file analyser (Google will return plenty of hits) such as awstats.
No problem - I use ethereal from http://www.ethereal.com/ for packet sniffing. You could start it with a filter for ports 80, 443 (encrypted), 3128 (Squid proxy) and 8080 (Tomcat) for example and it will capture all of the packets going to/from those ports.
There are rpms available for ethereal, have you used it before?
I've just ran the rpm for "ethereal", the outputs are listed below. Would the listed version be enough for packet sniffing port 80?
/////////////////////////////
$ rpm -qa | grep ethereal
ethereal-0.10.3-0.90.1
/////////////////////////////
Once it's running go to the Capture menu and select Options. Select the network interface (probably eth0) and set a capture filter (e.g. port 80 or port 3128). I set the Update List of Packets in Real Time option as well as all three of the Name Resolution options. Click Start, open your web browser and start browsing.
Once you have packets captured and displayed on ethereal's main screen, right-click on a packet and select Follow TCP Stream. You should get an ASCII listing of the traffic.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.