tcpdump mailing list archives

Re: Suggestion: Pcap-over-IP client support in tcpdump

From: Erik Hjelmvik <erik.hjelmvik () gmail com>
Date: Wed, 14 Sep 2011 08:16:09 +0200

2011/9/13 Guy Harris <guy () alum mit edu>:

It sounds as if you mean "pcap-over-IP server" here, in that tcpdump would send network traffic over the wire to a 
client, such as {tcpdump, Wireshark, NetworkMiner, etc.}.


Well, you are right in that my idea was for tcpdump to send libpcap
data over TCP to another machine. But I still consider tcpdump to be
the client here, since tcpdump would be the side that initiates the
TCP session.

In that case, tcpdump might be overkill; you don't need tcpdump's dissection capabilities, for example.


The reason for why it would be great to have in tcpdump is because
tcpdump is an ubiquitous tool that is available practically everywere.
Besides, there's nothing that would prevent tcpdump from being at the
receiving end of a "Pcap-over-IP" TCP socket.

However, I fully understand if you feel implementing a TCP listener or
TCP client in tcpdump would be a digression from the intended
functionality of tcpdump.

/erik
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

Current thread:

Suggestion: Pcap-over-IP client support in tcpdump Erik Hjelmvik (Sep 13)
- Re: Suggestion: Pcap-over-IP client support in tcpdump Guy Harris (Sep 13)
  - Re: Suggestion: Pcap-over-IP client support in tcpdump Erik Hjelmvik (Sep 13)
    - Re: Suggestion: Pcap-over-IP client support in tcpdump Guy Harris (Sep 13)
    - Re: Suggestion: Pcap-over-IP client support in tcpdump Michael Richardson (Sep 14)
    - Re: Suggestion: Pcap-over-IP client support in Francois Goudal (Sep 14)
    - Re: Suggestion: Pcap-over-IP client support in Rick Jones (Sep 14)
    - Re: Suggestion: Pcap-over-IP client support in Michael Richardson (Sep 14)
    - Re: Suggestion: Pcap-over-IP client support in rixed (Sep 15)
- Re: Suggestion: Pcap-over-IP client support in tcpdump Michael Richardson (Sep 14)