07-18-2012
tcpdump vs. wireshark
Hi,
I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay.
When using wireshark, I can successfully capture these packets and view them in wireshark.
However, when using tcpdump, these packets are then shown in wireshark as malformed packets. It seems like tcpdump wrongly parses/stores them.
Is there any difference between tcpdump and wireshark capturing? Can I configure tcpdump to capture just like wireshark does? (I tried -s 0 or -s 65536 and this did not help)
Thank you!
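One way to check how two capture files differ before looking at the packets themselves, as an added example that is not part of the original post: it reads the pcap global header and per-packet record headers and reports the file format, snapshot length, link-layer type and any truncated packets. The function names and the sample captures are constructed for illustration.

```python
import struct

# Classic pcap magic bytes -> (struct byte order, timestamp resolution)
MAGICS = {b"\xd4\xc3\xb2\xa1": ("<", "us"), b"\xa1\xb2\xc3\xd4": (">", "us"),
          b"\x4d\x3c\xb2\xa1": ("<", "ns"), b"\xa1\xb2\x3c\x4d": (">", "ns")}
LINKTYPES = {0: "NULL/loopback", 1: "Ethernet", 101: "Raw IP", 113: "Linux cooked (SLL)"}

def summarize(data):
    """Return format, snaplen, link type and packet counts for a capture's bytes."""
    if data[:4] == b"\x0a\x0d\x0d\x0a":
        return {"format": "pcapng"}  # block-based format, not parsed here
    if data[:4] not in MAGICS:
        raise ValueError("not a pcap file")
    order, res = MAGICS[data[:4]]
    # version major/minor, thiszone, sigfigs, snaplen, link-layer type
    _, _, _, _, snaplen, link = struct.unpack(order + "HHiIII", data[4:24])
    packets = truncated = 0
    off = 24
    while off + 16 <= len(data):
        # ts_sec, ts_frac, bytes stored in file, bytes seen on the wire
        _, _, incl, orig = struct.unpack(order + "IIII", data[off:off + 16])
        packets += 1
        truncated += incl < orig
        off += 16 + incl
    return {"format": "pcap/" + res, "snaplen": snaplen,
            "linktype": LINKTYPES.get(link, str(link)),
            "packets": packets, "truncated": truncated}

def differences(a, b):
    """Map each field that differs between two captures to its (a, b) values."""
    sa, sb = summarize(a), summarize(b)
    return {k: (sa.get(k), sb.get(k))
            for k in sorted(set(sa) | set(sb)) if sa.get(k) != sb.get(k)}

def _build(link, snaplen, frames):
    """Build a little-endian pcap file in memory (used for the sample data only)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, link)
    for f in frames:
        kept = f[:snaplen]
        out += struct.pack("<IIII", 0, 0, len(kept), len(f)) + kept
    return out

# Constructed sample captures: the same two 60-byte frames written two ways.
FRAME = bytes(60)
FILE_A = _build(1, 65535, [FRAME, FRAME])
FILE_B = _build(113, 40, [FRAME, FRAME])

if __name__ == "__main__":
    # For real files: differences(open(path_a, "rb").read(), open(path_b, "rb").read())
    for field, values in differences(FILE_A, FILE_B).items():
        print(field, values)
```
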