Tuesday, 21 May 2013

Logging TCP/HTTP traffic to a remote host

HTTP GET
tcpdump -i eth1 -s 0 -A 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420' | ssh root@192.168.0.1 'cat - >/home/emes/tcpdump.log'
HTTP POST
tcpdump -i eth1 -s 0 -A 'tcp dst port 80 and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)' | ssh root@192.168.0.1 'cat - >/home/emes/tcpdump.log'
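How the filter expression in both commands finds the request method, as an added example (not part of the original post): it reads the TCP header length from byte 12, skips that many bytes, and compares the first four payload bytes with "GET " or "POST". The function names and sample segments are constructed for illustration, and the sketch goes beyond the post by building the same filter for other methods.

```python
import struct

FILTER = "tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x%s"

def method_prefix(method: str) -> bytes:
    """First four payload bytes of a request: the method, a space, cut to 4 bytes."""
    if len(method) < 3:
        raise ValueError("method too short to fill a 4-byte comparison")
    return (method.upper() + " ").encode("ascii")[:4]

def method_filter(method: str) -> str:
    """pcap filter in the same form as the post's GET and POST filters."""
    return FILTER % method_prefix(method).hex()

def payload_word(tcp: bytes):
    """Evaluate tcp[((tcp[12:1] & 0xf0) >> 2):4] on a raw TCP segment."""
    # The high nibble of byte 12 is the data offset in 32-bit words;
    # (x & 0xf0) >> 2 equals (x >> 4) * 4, the header length in bytes.
    offset = (tcp[12] & 0xF0) >> 2
    if len(tcp) < offset + 4:
        return None  # load past the end of the packet: the filter does not match
    return int.from_bytes(tcp[offset:offset + 4], "big")

def matches(tcp: bytes, method: str) -> bool:
    return payload_word(tcp) == int.from_bytes(method_prefix(method), "big")

def build_segment(payload: bytes, options: bytes = b"") -> bytes:
    """Constructed TCP segment for the demo (ports and seq/ack made up, checksum 0)."""
    if len(options) % 4:
        raise ValueError("options must be padded to a multiple of 4 bytes")
    doff = 5 + len(options) // 4
    header = struct.pack("!HHIIBBHHH", 40000, 80, 1, 1, doff << 4, 0x18, 65535, 0, 0)
    return header + options + payload

# Constructed samples; TS_OPT is NOP, NOP, timestamp option (12 bytes in total).
TS_OPT = b"\x01\x01\x08\x0a" + b"\x00" * 8
SAMPLES = {
    "GET, no options": build_segment(b"GET / HTTP/1.1\r\n"),
    "GET, 12 bytes of options": build_segment(b"GET / HTTP/1.1\r\n", TS_OPT),
    "POST": build_segment(b"POST /login HTTP/1.1\r\n"),
    "bare ACK": build_segment(b""),
    "body continuation": build_segment(b"user=a&note=GET "),
}

if __name__ == "__main__":
    for m in ("GET", "POST", "PUT", "DELETE"):
        print(m, "->", method_filter(m))
    for name, seg in SAMPLES.items():
        print(name, "| GET:", matches(seg, "GET"), "| POST:", matches(seg, "POST"))
```

The comparison only matches segments whose payload begins with the method, so later segments of a long request and its body are not logged by these filters.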