Date: Wed, 2 Mar 2011 23:21:54 +0530 From: Mubeesh ali <mubeeshalivm@gmail.com> To: "Jason C. Wells" <jcw@speakeasy.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: how to read a live changing capture file with a tcpdump or wireshark like with tail for a file. Message-ID: <AANLkTi=KnLA-ADhXGVi2mrE7_yXuw-saPvALm9M_102J@mail.gmail.com> In-Reply-To: <4D6E5E52.10200@speakeasy.net> References: <AANLkTimzow4vbHVNrp05-2c_NFebgXwSRq10-19htC9f@mail.gmail.com> <4D6E5E52.10200@speakeasy.net>
next in thread | previous in thread | raw e-mail | index | archive | help
thanks Jason. netcat seems suited for this. I will check this out. Best Regards, Mubeesh On Wed, Mar 2, 2011 at 8:42 PM, Jason C. Wells <jcw@speakeasy.net> wrote: > On 03/01/11 08:07, Mubeesh ali wrote: >> >> Hi , >> >> >> We do wifi troubleshooting and are planning to use kismet for wireless >> captures. It produces a file that will be written into every 300 >> secs(configurable value ,we use 30 secs). =A0While comparing with a >> expensive windows sniffer like Omnipeek =A0 the only disadvantage of >> this free tool is we have to continoulsly do tcpdump -r >> <filename.pcap> =A0as the file changes. same with wireshark we need to >> hit the refresh button. >> >> Is there something equivalent to 'tail' for changing files =A0for >> reading pcap files ? Appreciate any suggestions. >> > netcat? > --=20 Best=A0 Regards, Mubeesh Ali.V.M
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTi=KnLA-ADhXGVi2mrE7_yXuw-saPvALm9M_102J>