how to read a live changing capture file with a tcpdump or
wireshark like with tail for a file.
mubeeshalivm at gmail.com
Wed Mar 2 17:51:55 UTC 2011
thanks Jason. netcat seems suited for this. I will check this out.
On Wed, Mar 2, 2011 at 8:42 PM, Jason C. Wells <jcw at speakeasy.net> wrote:
> On 03/01/11 08:07, Mubeesh ali wrote:
>> Hi ,
>> We do wifi troubleshooting and are planning to use kismet for wireless
>> captures. It produces a file that will be written into every 300
>> secs(configurable value ,we use 30 secs). While comparing with a
>> expensive windows sniffer like Omnipeek the only disadvantage of
>> this free tool is we have to continoulsly do tcpdump -r
>> <filename.pcap> as the file changes. same with wireshark we need to
>> hit the refresh button.
>> Is there something equivalent to 'tail' for changing files for
>> reading pcap files ? Appreciate any suggestions.
More information about the freebsd-questions