$ ssh somehost dumpcap -P -w -f udp | tshark -i. $ ssh '/sbin/dumpcap -i IFACE -P -w -f "not port 22"' > FILE & $ $ ssh -p 22222 'tcpdump -U -i IFACE -w -' > FILE & $ wireshark FILE The feature is functionally equivalent to run commands like
The requirement is that the capture executable must have the capabilities to Sshdump -extcap-interfaces sshdump -extcap-interface= -extcap-dlts sshdump -extcap-interface= -extcap-config sshdump -extcap-interface= -fifo= -capture -remote-host=myremotehost -remote-port=22 -remote-username=user -remote-interface=eth2 -remote-capture-command='tcpdump -U -i eth0 -w-' DESCRIPTION Sshdump is an extcap tool that allows one to run a remote capture tool over a SSHĬonnection.
Sshdump - Provide interfaces to capture from a remote host through SSH using a remote
0 kommentar(er)
