if you want to do live capturing and decode using ethereal/tethereal then you'd simply do:
ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" | tethereal -nli - /hannes On Sat, Apr 09, 2005 at 05:05:16PM +0200, Pilz Rene wrote: | Thanks for the suggestion. I need it in that way, that I can use it like | local captureable network interface. | This is due the fact, that I need it in a program which uses the | libpcap. In my case is it ethereal. And when | I download the files first, then I have no advantage to the solutions, | which I use now. | | Thanks anyway. | | /rene | | Hannes Gredler wrote: | | >On Fri, Apr 08, 2005 at 05:15:15AM -0700, Bruce M Simpson wrote: | >| On Fri, Apr 08, 2005 at 11:57:33AM +0200, Pilz Rene wrote: | >| > I want to add a feature where someone can connect and use a | >| > network-interface of a remote computer to capture data. As ronnie | >| > sahlberg has already pointed out in the ethereal list, | >| > authentication and athoriztion should be one of the topics there. For | >| > sure the will be several more issues. | >| | > | >i typically use the following command for remote capturing: | > | >ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" > | >capture-file.pcap | > | >authentication/authorization/confidentiality and transport provided by ssh; | > | >does this help ? | > | >/hannes | >- | >This is the tcpdump-workers list. | >Visit https://lists.sandelman.ca/ to unsubscribe. | > | > | > | | | -- | Dipl-Ing (FH) MSc. C.E Ren? Pilz | ftw. Telekommunications Research Center Vienna http://www.ftw.at | Tech Gate Vienna, Donaucitystra?e 1, A-1220 Wien | Mobile: +43 664 8269871 Office: +43 1 5052830-13 Fax: +43 1 5052830-99 | | - | This is the tcpdump-workers list. | Visit https://lists.sandelman.ca/ to unsubscribe. | - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.