if you want to do live capturing and decode using ethereal/tethereal then you'd 
simply do:

ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" | tethereal -nli -

/hannes

On Sat, Apr 09, 2005 at 05:05:16PM +0200, Pilz Rene wrote:
| Thanks for the suggestion. I need it in that way, that I can use it like 
| local captureable network interface.
| This is due the fact, that I need it in a program which uses the 
| libpcap. In my case is it ethereal. And when
| I download the files first, then I have no advantage to the solutions, 
| which I use now.
| 
| Thanks anyway.
| 
| /rene
| 
| Hannes Gredler wrote:
| 
| >On Fri, Apr 08, 2005 at 05:15:15AM -0700, Bruce M Simpson wrote:
| >| On Fri, Apr 08, 2005 at 11:57:33AM +0200, Pilz Rene wrote:
| >| > I want to add a feature where someone can connect and use a 
| >| > network-interface of a remote computer to capture data. As ronnie 
| >| > sahlberg has already pointed out in the ethereal list,
| >| > authentication and athoriztion should be one of the topics there. For 
| >| > sure the will be several more issues.
| >| 
| >
| >i typically use the following command for remote capturing:
| >
| >ssh [EMAIL PROTECTED] "sudo tcpdump -ni eth0 -s 0 -w -" > 
| >capture-file.pcap
| >
| >authentication/authorization/confidentiality and transport provided by ssh;
| >
| >does this help ?
| >
| >/hannes
| >-
| >This is the tcpdump-workers list.
| >Visit https://lists.sandelman.ca/ to unsubscribe.
| >
| > 
| >
| 
| 
| -- 
| Dipl-Ing (FH) MSc. C.E Ren? Pilz
| ftw. Telekommunications Research Center Vienna http://www.ftw.at
| Tech Gate Vienna, Donaucitystra?e 1, A-1220 Wien
| Mobile: +43 664 8269871 Office: +43 1 5052830-13  Fax: +43 1 5052830-99
| 
| -
| This is the tcpdump-workers list.
| Visit https://lists.sandelman.ca/ to unsubscribe.
| 
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.

Reply via email to