You can use ssldump with tcpdump, as they use identical file formats. This allows you to take a tcpdump, and analyse it for SSL/TLS sessions and extra application data. People use `tcpdump -i interface -s 65535 -n -v -w file'. This tells tcpdump to snap up 65535 bytes (the maximum number in a TCP packet), not to resolve any addresses, be verbose and log to `file'. Then, people can use `ssldump -r file' to read the file, and interpret it as necessary.
distrib
>
Fedora
>
14
>
x86_64
>
media
>
updates
>
by-pkgid
>
7b8c380f3d4f8ad2042ad5c8104d9c82
>
files
>
7
