Skip to content

Instantly share code, notes, and snippets.

Last active Dec 28, 2015
What would you like to do?
Don't bother with copying PCAP files, just pipe tcpdump over SSH into wireshark! Great for embedded system work.
# from your workstation run below where <expression> is your tcpdump expression
# works great on OSX
ssh "/path/to/tcpdump -s 0 -U -w - -i ethX <expression>" |wireshark -i - -k
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment