gnilchee · October 20, 2016 21:35
diff --git a/tcpdump b/tcpdump
 tcpdump -s 0 -l -w - dst port 3306 | strings | perl -e '
 while(<>) { chomp; next if /^[^ ]+[ ]*$/;
  if(/^(SELECT|UPDATE|DELETE|INSERT|SET|COMMIT|ROLLBACK|CREATE|DROP|ALTER)/i) {
    if (defined $q) { print "$q\n"; }
    $q=$_;
  } else {
    $_ =~ s/^[ \t]+//; $q.=" $_";
  }
 }' | tee -a /tmp/out.txt
	tcpdump -s 0 -l -w - dst port 3306 \| strings \| perl -e '
	while(<>) { chomp; next if /^[^ ]+[ ]*$/;
	if(/^(SELECT\|UPDATE\|DELETE\|INSERT\|SET\|COMMIT\|ROLLBACK\|CREATE\|DROP\|ALTER)/i) {
	if (defined $q) { print "$q\n"; }
	$q=$_;
	} else {
	$_ =~ s/^[ \t]+//; $q.=" $_";
	}
	}' \| tee -a /tmp/out.txt