Jump to content

TCP DUMP - Must remain on module page to capture!!


Recommended Posts

Posted

This is extremely frustrating.  I just received my Mark VII and this thing is really disappointing.  I used the Tetra for a few years and it has worked great to capture pcaps for analysis.  I test IOT devices and captures have helped me solve many issues in the past.  

WHHYY must I remain in the module page for the capture to continue.  With the Tetra I would start a capture log, log out of the pineapple, allow it to log for hour+, log back in and download my PCAP.  This thing sucks, I literally have to have the tab open on the screen for data to be captured.  The Tetra has worked great for me and deft a lot more stable then this Mark VII.   

Am I doing something wrong???????

 

GRRRRRRRRRR

Posted

Well, I played with this today and had an idea to run tcpdump from a shell but no luck.  I can start a capture from  a shell using #tcpdump -i br-lan > filename.pcap  but when attempting to open the pcap the file is unreadable in Wireshark.  I thought I had found my work around but disappointment strikes again.    

Anyone?  

Posted

Can't see why a tcpdump capture wouldn't work from the CLI. Executed one just now on the Mark VII and there's no problem. It gathers network traffic and no issues opening it in Wireshark for further analysis.

Posted

I guess you're getting an error message like this when you try to open the file you created using the command line you pasted in the post above.

The file "xxxxxxxx.pcap" isn't a capture file in a format Wireshark understands.

That's just because you capture in the wrong way. Try something like this instead.

tcpdump -i br-lan -s 0 -w /tmp/dump_$(date +%Y-%m-%d-%H%M%S).pcap

 

Posted

Opppps.. I used > which generated the file but I Should have looked over the man and now I remember its -w to write to a file.   Its working like a charm through the CLI.  THANK YOU!!!!! 

  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...