How to sniff packets on Mac OS 10.7 Lion?

Michael Eilers Smith picture Michael Eilers Smith · Feb 17, 2012 · Viewed 78.6k times · Source

I'm developing a website that uses SSL (connction to https) and I want to confirm that all the data sent is encrypted. Could anyone give me a good free packet sniffer on Mac OS that I could use?

Thanks!

Answer

Gordon Davisson picture Gordon Davisson · Feb 17, 2012

It's not as slick as Wireshark, but OS X has a built-in command line tool for capturing and displaying packets:

sudo tcpdump -A -s0 -ien0 port 80

(the -A flag makes it display the packets' contents as text, -s0 makes it capture entire packets not just the headers, -ien0 makes it capture on the first ethernet interface (generally, the wireless is en1), and port 80 makes it only capture traffic to/from port 80 (see the man page for more options for capture patterns.)