#!/bin/bash tshark -f "tcp port 80" -Y 'http.request || http.response' #OR (for decrypting SSL. Won't work when using Diffie-Hellman, see Google why): tshark -o "ssl.desegment_ssl_records: TRUE" -o "ssl.desegment_ssl_application_data: TRUE" -o "ssl.keys_list:78.46.156.164,443,http,/home/user/ssl/www.domain.key" -o "ssl.debug_file:ssldebug.log" -f "tcp port 443" -Y "http" -xSee also:
Forward secrecy