Wireshark and tcpdump are the two of the most useful tools in debugging a certain issue. Every now and then I use tcpdump to capture network packets in linux or unix platform and use wireshark to analyze the captured packets.
I can't imagine myself debugging network related issues without those two tools, it will be crawling in the dark.
Recently we have an issue pertaining to HTTP transactions and I have to use tcpdump to capture the packets to see the exact data send out to our server.
I got the tcpdump with the http transaction however in wireshark I got a message with "Packet size limited during the capture", you can see below screenshot. Just click the image to enlarge.
|wireshark packet size limited during capture|
I tried to capture the printable data text in the HTTP GET response but only got below results.
HTTP/1.1 200 OK
The HTTP transaction was successful but the data capture is not complete. The tcpdump command use during the capture is below.
This time the size is now limited to 65535 bytes. Opening the dump file in wireshark the message of size limitation is already gone.
|tcpdump http capture packet size limited issue gone|
You might also like: