Ed Maste wrote:
Your program wouldn't be processing old captured data. You have tcpdump
output libpcap format data to stdout, in realtime.
Note that there's currently no option in tcpdump to cause the standard
output to be flushed at the end of a packet (or a batch of packets) when
capturing wit
> > It's possible, but tcpdump itself can't do it. You could, for example,
> > write your own program to do so, reading a capture file from the
> > standard input (use libpcap, and open the file named "-" with
> > "pcap_open_offline()", to read from the standard input), and pipe
> > tcpdump's
Guy Harris wrote:
> MAURICIOMANENTS wrote:
> >I'd like to store packets in a database format so I can see packets
> >using ethereal (with the needed changes to support database reading)
>
> If you're talking about reading it using Ethereal, what you'll have to
> store is raw packet data, not some
MAURICIOMANENTS wrote:
I'd like to store packets in a database format so I can see packets
using ethereal (with the needed changes to support database reading)
If you're talking about reading it using Ethereal, what you'll have to
store is raw packet data, not something like a database record with
I'd like to store packets in a database format so I can see packets
using ethereal (with the needed changes to support database reading)
or remove not needed packets while capturing.
Does anyone know if it's possible to store packets using tcpdump on a
database (either SQL, Berkeley DB, or whateve
CVS log entries from 25.11.2004 (Thu) 10:06:50 - 26.11.2004 (Fri) 10:06:47 GMT
=
Summary by authors
=
Author: guy
File: tcpdump/tcpdump.1; Revisions: 1.166
==
