Date: Tue, 1 Mar 2011 21:37:49 +0530 From: Mubeesh ali <mubeeshalivm@gmail.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: how to read a live changing capture file with a tcpdump or wireshark like with tail for a file. Message-ID: <AANLkTimzow4vbHVNrp05-2c_NFebgXwSRq10-19htC9f@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi , We do wifi troubleshooting and are planning to use kismet for wireless captures. It produces a file that will be written into every 300 secs(configurable value ,we use 30 secs). While comparing with a expensive windows sniffer like Omnipeek the only disadvantage of this free tool is we have to continoulsly do tcpdump -r <filename.pcap> as the file changes. same with wireshark we need to hit the refresh button. Is there something equivalent to 'tail' for changing files for reading pcap files ? Appreciate any suggestions. --=20 Best=A0 Regards, Mubeesh Ali.V.M
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTimzow4vbHVNrp05-2c_NFebgXwSRq10-19htC9f>