Loading ...
Sorry, an error occurred while loading the content.

tcpdump or wireshark

Expand Messages
  • Ansry User 01
    Hi, I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay. When using wireshark, I
    Message 1 of 1 , Aug 7, 2012
    • 0 Attachment
      Hi,

      I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay.

      When using wireshark, I can successfully capture these packets and view them in wireshark.
      However, when using tcpdump, these packets are then shown in wireshark as malformed packets. It seems like tcpdump wrongly parses/stores them.

      Is there any difference between tcpdump and wireshark capturing? Can I configure tcpdump to capture just like wireshark does? (I tried -s 0 or -s 65536 and this did not help)

      Command used : tcpdump -s 0 -w <file>


      Thank you!
    Your message has been successfully submitted and would be delivered to recipients shortly.