From owner-freebsd-questions@FreeBSD.ORG  Wed Mar  2 17:51:55 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D7B3E1065675
	for <freebsd-questions@freebsd.org>;
	Wed,  2 Mar 2011 17:51:55 +0000 (UTC)
	(envelope-from mubeeshalivm@gmail.com)
Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com
	[209.85.214.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 61E1D8FC2C
	for <freebsd-questions@freebsd.org>;
	Wed,  2 Mar 2011 17:51:54 +0000 (UTC)
Received: by bwz12 with SMTP id 12so417763bwz.13
	for <freebsd-questions@freebsd.org>;
	Wed, 02 Mar 2011 09:51:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type
	:content-transfer-encoding;
	bh=5KUfGsfzvVbQ8V2wUMYpXQncNZK9Hz80+AY9xUyxfWo=;
	b=gzhlujdI1MLLC6OLiI0p9j+UbH9a9KtkiY8ttPXht1xKw2NBUtds7tC9DxsXNw4du5
	4JF58dfowGVKNlNNyLLJvtD5CxUCskqjwDnis6PPPmGquo0yXNwenK1TEmybV5Wy8MCo
	k/640PLRupL0Roe0tQU1yQPAlEjPeMk0JY8eM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	b=xaGVuxTV0hfQqYQgQJn2yHr74XbhYGWrtpMKw8yQAkicbQ/1hnPQbXeKaHRgGT69bM
	FG8cseKr2kV+DkPdqsReTKziYLZruLhOlsG4fEFIBMUE8XYAv+UjkBEUJrl2Tf3MuLEW
	P5drQjmuHWzg7FF5wiQeoPoqQs+LBqOgtmFqo=
MIME-Version: 1.0
Received: by 10.204.118.138 with SMTP id v10mr317026bkq.94.1299088314127; Wed,
	02 Mar 2011 09:51:54 -0800 (PST)
Received: by 10.204.62.83 with HTTP; Wed, 2 Mar 2011 09:51:54 -0800 (PST)
In-Reply-To: <4D6E5E52.10200@speakeasy.net>
References: <AANLkTimzow4vbHVNrp05-2c_NFebgXwSRq10-19htC9f@mail.gmail.com>
	<4D6E5E52.10200@speakeasy.net>
Date: Wed, 2 Mar 2011 23:21:54 +0530
Message-ID: <AANLkTi=KnLA-ADhXGVi2mrE7_yXuw-saPvALm9M_102J@mail.gmail.com>
From: Mubeesh ali <mubeeshalivm@gmail.com>
To: "Jason C. Wells" <jcw@speakeasy.net>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: how to read a live changing capture file with a tcpdump or
 wireshark like with tail for a file.
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2011 17:51:55 -0000

thanks Jason. netcat seems suited for this.  I will check this out.


Best Regards,
Mubeesh


On Wed, Mar 2, 2011 at 8:42 PM, Jason C. Wells <jcw@speakeasy.net> wrote:
> On 03/01/11 08:07, Mubeesh ali wrote:
>>
>> Hi ,
>>
>>
>> We do wifi troubleshooting and are planning to use kismet for wireless
>> captures. It produces a file that will be written into every 300
>> secs(configurable value ,we use 30 secs). =A0While comparing with a
>> expensive windows sniffer like Omnipeek =A0 the only disadvantage of
>> this free tool is we have to continoulsly do tcpdump -r
>> <filename.pcap> =A0as the file changes. same with wireshark we need to
>> hit the refresh button.
>>
>> Is there something equivalent to 'tail' for changing files =A0for
>> reading pcap files ? Appreciate any suggestions.
>>
> netcat?
>



--=20
Best=A0 Regards,

Mubeesh Ali.V.M