Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: tcpdump vs. wireshark
Special Forums IP Networking tcpdump vs. wireshark Post 302673531 by yotamhc on Wednesday 18th of July 2012 04:41:32 AM
Old 07-18-2012
tcpdump vs. wireshark
Hi,

I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay.

When using wireshark, I can successfully capture these packets and view them in wireshark.
However, when using tcpdump, these packets are then shown in wireshark as malformed packets. It seems like tcpdump wrongly parses/stores them.

Is there any difference between tcpdump and wireshark capturing? Can I configure tcpdump to capture just like wireshark does? (I tried -s 0 or -s 65536 and this did not help)

Thank you!
 

We Also Found This Discussion For You

1. IP Networking

Wireshark duplicate messages

Hello all, Is it any way to filter or better do not capture at all, duplicate messages? Thanks in advance (2 Replies)
Discussion started by: @dagio
2 Replies
All times are GMT -4. The time now is 01:04 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy