Wireshark, tcpdump, piping from bsd remote to linux local


rfinterference

Hello!

So I have been stuck on this for a little while and figured if anyone would know how to do this it would be you guys. I have a pfSense box that I would like to pipe tcpdump from to Wireshark on my local machine. This is normally easy to accomplish going from Linux or BSD, but pfSense goes to a console when you ssh in as root (admin). This stops the command from working.

I have tried a few things to get around this, such as creating a new user (this gets rid of the console problem), but that creates a new problem. pfSense does not have sudo, and even with the new user added to the wheel group, adding su - keeps it from running tcpdump and instead drops to a prompt.

I also attempted to use an expect script to automate getting around the console, but even though it does run tcpdump like this, it won't pipe it.

I am not a complete noob when it comes to Linux, but my cli-fu seems pretty weak in this area. Here is the command I usually use:

ssh username@XXX.XXX.XXX.XXX tcpdump -U -s0 -w - 'not port 22' | wireshark -k -i -

That's what I would like to accomplish going to the pfSense box.

Thanks in advance!

rfi
