Hi guys,
frequently I have to solve some problems by capturing packets on the client's machine. The problem is that the client's Internet connection is very, very slow. Most of the time I have to create huge pcap files which I later upload to my machine for "debugging" with Wireshark.
But sometimes the time is very limited and I issue the following commands to create a "Live" capture:
Code:
#mkfifo /tmp/pipe1
#ssh root@<server> "tcpdump -s 0 -U -n -w - -i <server's network device> not port 22" > /tmp/pipe1
#wireshark -k -i /tmp/pipe1
I'm looking for a way to further compress the output from tcpdump. I tried "-z gunzip" to a file to test compression, but it doesn't do anything (same as without -z). If you know a working way to compress the tcpdump output even further, I would be very happy.
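
An added example, not part of the original post: tcpdump's `-z` names a command that runs on a savefile after rotation (with `-C` or `-G`), so it has no effect on a `-w -` stream, whereas `ssh -C` compresses the SSH transport itself and still delivers packets as they arrive. The function names are hypothetical, the host and interface are caller-supplied, and key or agent authentication is assumed.

```shell
#!/bin/sh
# Added example: live remote capture over a compressed SSH transport.

# Build the command line for the remote side. The interface name is
# interpolated into a string the remote shell will parse, so accept only
# a conservative character set.
remote_capture_cmd() {
    iface=$1
    case $iface in
        ''|*[!A-Za-z0-9_.:-]*)
            echo "invalid interface name" >&2
            return 1 ;;
    esac
    # -U flushes each packet to stdout as it is captured; "not port 22"
    # keeps the SSH session carrying the capture out of the capture.
    printf 'tcpdump -s 0 -U -n -w - -i %s not port 22' "$iface"
}

# Run the capture and feed Wireshark through a FIFO.
live_capture() {
    host=$1 iface=$2 fifo=${3:-/tmp/pipe1}
    # A host beginning with "-" would be parsed by ssh as an option.
    case $host in
        ''|-*) echo "invalid host" >&2; return 1 ;;
    esac
    cmd=$(remote_capture_cmd "$iface") || return 1
    # Owner-only FIFO: the stream contains raw traffic from the server.
    [ -p "$fifo" ] || mkfifo -m 600 "$fifo" || return 1
    # Opening a FIFO for writing blocks until a reader opens it, so ssh
    # goes to the background and Wireshark becomes the reader.
    ssh -C "$host" "$cmd" > "$fifo" &
    ssh_pid=$!
    wireshark -k -i "$fifo"
    # Wireshark has exited: stop the remote capture and clean up.
    kill "$ssh_pid" 2>/dev/null
    rm -f "$fifo"
}

# Usage (placeholders): live_capture root@SERVER eth0
```

Piping the remote tcpdump through `gzip -c` and `gunzip -c` locally also reduces the bytes sent, but gzip buffers its output, so packets reach Wireshark in delayed bursts rather than live.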