Created
November 29, 2019 03:39
-
-
Save yurenchen000/eaa7b3f3ee466a35d6a55952875b757f to your computer and use it in GitHub Desktop.
wireshark capture on remote host ( through ssh tcpdump )
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # ssh root@yurenchen.com "tcpdump -w - -U 'host g.cn'" | sudo wireshark -k -i - | |
| # tcpdump Capture on remote host (by ssh) & Show packets on local wireshark | |
| # $remote Need Capture permission | |
| # $filter is tcpdump capture filter | |
| # example: | |
| # $ wireshark_remote root@10.1.1.2 'host yurenchen.com' | |
| wireshark_remote(){ | |
| local remote="$1" | |
| local filter="$2" | |
| ssh $remote "tcpdump -w - -U '$filter'" | wireshark -k -i - | |
| } | |
| [ -n "$1" ] && wireshark_remote $@ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment