tcpdump from a remote machine to fifo on local machine and read via wireshark
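# create the named pipe that Wireshark will read from
mkfifo fifo
# stream raw pcap from the remote host into the fifo; the loop reconnects whenever ssh exits
# -s 0: capture full packets, -U: flush each packet as it is written, -w -: write pcap to stdout
# the filter drops the SSH session carrying the capture (port 22) plus IGMP/ARP, DHCP, DNS, NTP, mDNS and NetBIOS name traffic
TCPHOST="10.0.0.1"; while true ; do \
ssh "$TCPHOST" 'tcpdump -s 0 -U -n -w - "!igmp && !arp && !rarp && !(host 224.0.0.1) && !(port 22) && !(port 67) && !(port 53) && !(port 123) && !(port 5353) && !(port 137)"' > fifo; \
done
# on another console
wireshark -k -i fifo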