how to read a live changing capture file with a tcpdump or wireshark
like with tail for a file.
mubeeshalivm at gmail.com
Tue Mar 1 16:39:29 UTC 2011
We do wifi troubleshooting and are planning to use kismet for wireless
captures. It produces a file that will be written into every 300
secs(configurable value ,we use 30 secs). While comparing with a
expensive windows sniffer like Omnipeek the only disadvantage of
this free tool is we have to continoulsly do tcpdump -r
<filename.pcap> as the file changes. same with wireshark we need to
hit the refresh button.
Is there something equivalent to 'tail' for changing files for
reading pcap files ? Appreciate any suggestions.
More information about the freebsd-questions