fritschy/tcpdump-bpf-disasm.sh

Created December 17, 2019 11:01

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/fritschy/ddb2af5ed4fbeef64535d669a24a64e3.js"></script>
Save fritschy/ddb2af5ed4fbeef64535d669a24a64e3 to your computer and use it in GitHub Desktop.

Download ZIP

How to disassemble a pcap BPF program

Raw

tcpdump-bpf-disasm.sh

	#!/bin/sh

	(
	echo -n load bpf ""
	sudo tcpdump -ilo -ddd "$@" \| tr '\n' ','
	echo
	echo disassemble
	) \| bpf_dbg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment