pmalek
9/26/2016 - 11:12 AM

tcpdump from a remote machine to fifo on local machine and read via wireshark

Run tcpdump on a remote machine over SSH, stream the capture into a FIFO on the local machine, and read it live with Wireshark.

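# Stream a live packet capture from a remote host into a local named pipe.
#
# The capture can contain credentials and other sensitive payloads, so the
# pipe is created with owner-only permissions. Creation is skipped when the
# pipe already exists, so the snippet can be re-run.
[ -p fifo ] || mkfifo -m 600 fifo

# Host that runs tcpdump. The remote account needs permission to capture
# packets there.
TCPHOST="10.0.0.1"

# tcpdump options:
#   -s 0  capture whole packets rather than truncated ones
#   -U    packet-buffered output, so packets reach the pipe as they arrive
#   -n    no name resolution on the capture host
#   -w -  write the raw pcap stream to stdout, which ssh carries back
#
# The filter drops background chatter (IGMP, ARP/RARP, all-hosts multicast,
# DHCP, DNS, NTP, mDNS, NetBIOS name service). The port 22 exclusion matters
# most: without it the SSH session carrying the capture would itself be
# captured and would feed on its own traffic.
# NOTE(review): excluded protocols are invisible in the resulting capture;
# remove the DNS exclusion (port 53) if name lookups matter to the analysis.
#
# Opening the pipe for writing blocks until a reader attaches, so each pass
# waits for Wireshark before ssh starts. The loop reconnects when the session
# ends; the short pause keeps a failing login from hammering the remote sshd.
while true; do
  ssh "$TCPHOST" 'tcpdump -s 0 -U -n -w - "!igmp && !arp && !rarp && !(host 224.0.0.1) && !(port 22) && !(port 67) && !(port 53) && !(port 123) && !(port 5353) && !(port 137)"' > fifo
  sleep 1
done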

# Run this in a second terminal, from the directory that holds the pipe.
#   -i fifo  read packets from the named pipe instead of a network interface
#   -k       start capturing immediately
wireshark -i fifo -k