Problem found! :)
If you wait long enough tail will not include the file header and
tcpdump will just die.
tail -F -n +1 $my_pcap | tcpdump -nr -
And you are happy again.
Don't even think about not including -n... Depening on how many log
entrys you have it will be slw.
Cheers
Flo
sig
Hi,
I'm logging dropped packets with ulogd2 into a pcap file so that tcpdump
should be able to read it.
At some point tcpdump is not anymore able to read the file and quits
with "unknown file format".
The file command instead is printing a correct header:
/var/log/ulog/ulogd.pcap: tcpdump capture
2 matches
Mail list logo
