rfinterference Posted May 31, 2013 Share Posted May 31, 2013 Hello! So i have been stuck on this for a little while and figuired if anyone would know how to do this it would be you guys. I have a pfsense box that I would like to pipe tcpdump from to wireshark on my local machine. This is normally easy to accomplish going from linux or bsd but pfsense goes to a console when you ssh in as root(admin). This stops the command from working. I have tried a few things to get around this such as creating a new user "this gets rid of the console problem" but creates a new problem. Pfsense does not have sudo and even with the new user added to the wheel group adding su - keeps it from running tcpdump and instead drops to a prompt. I also attempted to use an expect script to automate getting around the console but even though it does run tcpdump like this it wont pipe it. I am not a complete noob when it comes to linux but my cli-fu seems pretty weak in this area. Here is the command I usually use: ssh username@XXX.XXX.XXX.XXX tcpdump -U -s0 -w - 'not port 22' | wireshark -k -i - Thats what I would like to accomplish going to the pfsense box. Thanks in advance! rfi Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.