Mobile Network Traffic Inspection

In this post, i will talk about how to view network traffic and the HAR (HTTP Archive) file. This is useful for doing several things, my initial intention was to discover network traffic from mobile devices.  This was something i wanted to view in order to find out whether our vary headers and stats were correctly being logged, but there is also an interesting way to measure performance.

Requirements

The basic usage is to capture the HAR file, you will use tcpdump to capture TCP traffic and save it to PCAP file. The website above, you guessed it, shows you the PCAP file in it's HAR form. This will allow you to view the HAR timeline, request headers, UA string etc.

Run this command in terminal. This takes the tcpdump from my bridged adaptor, the best way to do this is to share your wired conniption through your wireless and connect any mobile device to the new wireless access point.

sudo tcpdump -i bridge0 -n -s 0 -w nameoffile.pcap tcp or port 53

Once you have done all of you browsing, in some cases this will simply be loading a web page, hit control + C and the file is created in the directory you are in. The next step either requires you to have a local instance of the HAR viewer on your machine, or use the online version. Which ever you decide to use, the output will seem very familiar to most.

By using this tool, we can see how each device loads the page, where you could improve upon for certain devices and what, if any, are the issues with your website.

While this isn't as good as Chrome for Android that shows you all of this in real time, for very old devices, this is the best way to inspect your traffic.