Monitoring HTTP traffic using tcpdump

Solution 1:

tcpdump prints complete packets. The "garbage" you see is actually the TCP packet headers.

You can certainly massage the output with, e.g., a Perl script, but why not use tshark, the textual version of Wireshark, instead?

tshark 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

It takes the same arguments as tcpdump (same library), but since it's an analyzer it can do deep packet inspection, so you can refine your filters even more, e.g.:

tshark 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -R'http.request.method == "GET" || http.request.method == "HEAD"'
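To make the arithmetic in that capture filter concrete, here is an added example (not part of the answer above, and not code from tcpdump or tshark) that does in Python exactly what `ip[2:2] - ((ip[0]&0xf)<<2) - ((tcp[12]&0xf0)>>2)` does in BPF: IPv4 total length minus IPv4 header length minus TCP header length, which is the TCP payload length. Segments where that comes out to zero (SYN, pure ACK, FIN) are the header-only "garbage"; what remains is then passed through the same GET/HEAD method filter the `-R` expression applies. The packets are constructed in the script (raw IPv4+TCP, no link-layer header, checksums left at zero), and the `build_ipv4_tcp`, `tcp_payload` and `http_requests` names are this example's own.

```python
"""Python equivalent of the tcpdump/tshark filter

    tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)

followed by the tshark read filter
    http.request.method == "GET" || http.request.method == "HEAD"
"""
import struct


def build_ipv4_tcp(payload: bytes, dport: int = 80, tcp_options: bytes = b"",
                   ip_options: bytes = b"") -> bytes:
    """Construct a raw IPv4+TCP packet (no Ethernet header) for the demo.
    Checksums are zero: these packets are parsed, never sent."""
    assert len(tcp_options) % 4 == 0 and len(ip_options) % 4 == 0
    ihl = 5 + len(ip_options) // 4            # IPv4 header length in 32-bit words
    data_offset = 5 + len(tcp_options) // 4   # TCP header length in 32-bit words
    total_len = ihl * 4 + data_offset * 4 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s",
                         (4 << 4) | ihl, 0, total_len, 0x1234, 0x4000, 64, 6, 0,
                         bytes([10, 0, 0, 1]), bytes([93, 184, 216, 34])) + ip_options
    tcp_hdr = struct.pack("!HHIIBBHHH",
                          40000, dport, 1, 1, data_offset << 4, 0x18, 65535, 0, 0) + tcp_options
    return ip_hdr + tcp_hdr + payload


def tcp_payload(pkt: bytes) -> bytes:
    """Locate the TCP payload exactly as the BPF expression does."""
    ip_total = struct.unpack("!H", pkt[2:4])[0]   # ip[2:2]   : IPv4 total length
    ihl = (pkt[0] & 0x0F) << 2                     # (ip[0]&0xf)<<2 : IPv4 header bytes
    tcp_hlen = (pkt[ihl + 12] & 0xF0) >> 2         # (tcp[12]&0xf0)>>2 : TCP header bytes
    payload_len = ip_total - ihl - tcp_hlen        # the "!= 0" test is on this value
    if payload_len <= 0:
        return b""
    # Using ip_total (not len(pkt)) also drops any Ethernet padding after the packet.
    return pkt[ihl + tcp_hlen: ihl + tcp_hlen + payload_len]


def http_request_line(payload: bytes):
    """Return (method, target) for an HTTP/1.x request line, else None."""
    line, _, _ = payload.partition(b"\r\n")
    parts = line.split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    return parts[0].decode("ascii", "replace"), parts[1].decode("ascii", "replace")


def http_requests(packets, methods=("GET", "HEAD")):
    """Apply both filter stages: port 80 with non-empty payload, then method."""
    out = []
    for pkt in packets:
        if pkt[9] != 6:                                   # IPv4 protocol field: 6 = TCP
            continue
        ihl = (pkt[0] & 0x0F) << 2
        sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
        if 80 not in (sport, dport):                      # "tcp port 80"
            continue
        data = tcp_payload(pkt)
        if not data:                                      # header-only segment
            continue
        req = http_request_line(data)
        if req and req[0] in methods:
            out.append(req)
    return out


# Constructed sample traffic.
SAMPLE_PACKETS = [
    build_ipv4_tcp(b"") + b"\x00" * 6,   # pure ACK with Ethernet padding: payload length 0
    build_ipv4_tcp(b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    # TCP timestamp option (NOP, NOP, kind 8, len 10) makes the data offset 8 words, not 5,
    # which is why the filter reads tcp[12] instead of assuming a 20-byte header.
    build_ipv4_tcp(b"HEAD /robots.txt HTTP/1.1\r\nHost: example.com\r\n\r\n",
                   tcp_options=b"\x01\x01\x08\x0a" + b"\x00" * 8),
    build_ipv4_tcp(b"POST /login HTTP/1.1\r\nHost: example.com\r\n\r\n"),  # wrong method
    build_ipv4_tcp(b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),     # a response
]

if __name__ == "__main__":
    for method, target in http_requests(SAMPLE_PACKETS):
        print(method, target)
```

Run stand-alone it prints only the GET and HEAD requests; the padded ACK, the POST and the response are dropped by the same two stages the tshark command applies. One caveat on the command itself: in current tshark releases `-R` is a two-pass read filter that must be combined with `-2`; the single-pass equivalent is `-Y`.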

Solution 2:

Take a look at ngrep - it might be of some use to you.

As a reference for others: httpry [server seems to be down now but I hope it's temporary] and tshark are also useful for passive protocol analysis - the first one just for HTTP, the second for much more.


Solution 3:

Try httpry or justniffer

Justniffer works well with TCP packet reordering, retransmissions and IP fragmentation.

Tags:

Tcpdump

Tshark