how to read a live changing capture file with a tcpdump or wireshark like with tail for a file.

Mubeesh ali mubeeshalivm at gmail.com
Wed Mar 2 17:51:55 UTC 2011


thanks Jason. netcat seems suited for this.  I will check this out.


Best Regards,
Mubeesh


On Wed, Mar 2, 2011 at 8:42 PM, Jason C. Wells <jcw at speakeasy.net> wrote:
> On 03/01/11 08:07, Mubeesh ali wrote:
>>
>> Hi ,
>>
>>
>> We do wifi troubleshooting and are planning to use kismet for wireless
>> captures. It produces a file that will be written into every 300
>> secs(configurable value ,we use 30 secs).  While comparing with a
>> expensive windows sniffer like Omnipeek   the only disadvantage of
>> this free tool is we have to continoulsly do tcpdump -r
>> <filename.pcap>  as the file changes. same with wireshark we need to
>> hit the refresh button.
>>
>> Is there something equivalent to 'tail' for changing files  for
>> reading pcap files ? Appreciate any suggestions.
>>
> netcat?
>



-- 
Best  Regards,

Mubeesh Ali.V.M


More information about the freebsd-questions mailing list