Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 1 Mar 2011 21:37:49 +0530
From:      Mubeesh ali <>
To:        FreeBSD Questions <>
Subject:   how to read a live changing capture file with a tcpdump or wireshark like with tail for a file.
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi ,

We do wifi troubleshooting and are planning to use kismet for wireless
captures. It produces a file that will be written into every 300
secs(configurable value ,we use 30 secs).  While comparing with a
expensive windows sniffer like Omnipeek   the only disadvantage of
this free tool is we have to continoulsly do tcpdump -r
<filename.pcap> as the file changes. same with wireshark we need to
hit the refresh button.

Is there something equivalent to 'tail' for changing files  for
reading pcap files ? Appreciate any suggestions.

Best=A0 Regards,
Mubeesh Ali.V.M

Want to link to this message? Use this URL: <>