Wireshark

Filter

dst host <name/ip>
src host <name/ip>
host <name/ip>

dst port <port>
src port <port>
port <port>

icmp
udp
tcp
rtsp
rtp

and &&
or ||
not !

Remote

ssh <user>@<host> tcpdump -U -s0 'not port 22' -i eth0 -w - | wireshark -k -i -

mkfifo /tmp/remote
wireshark -k -i /tmp/remote
ssh root@firewall "tcpdump -s 0 -U -n -w - -i eth0 not port 22" > /tmp/remote
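
The FIFO method above as a reusable script (an added example, not part of the original page). It keeps the page's tcpdump flags, excludes whichever SSH port carries the capture, and creates the FIFO in a private directory rather than at the fixed /tmp/remote. The function names and the extra-filter argument are hypothetical.

```shell
#!/bin/sh
# Added example. Function names are hypothetical helpers, not part of
# Wireshark or tcpdump.

# Capture filter: always exclude the SSH port carrying the capture itself,
# otherwise every forwarded packet generates more packets to capture.
build_filter() {       # args: ssh_port [extra_filter]
    case "$1" in ''|*[!0-9]*) echo "bad ssh port" >&2; return 1 ;; esac
    # The filter is single-quoted on the remote side, so refuse quotes in it.
    case "${2:-}" in *\'*) echo "quote in filter" >&2; return 1 ;; esac
    if [ -n "${2:-}" ]; then
        printf 'not port %s and (%s)' "$1" "$2"
    else
        printf 'not port %s' "$1"
    fi
}

# Remote command line, same tcpdump flags as the page:
# -s 0 full packets, -U packet-buffered, -n no name lookups, -w - pcap to stdout.
build_remote_cmd() {   # args: interface ssh_port [extra_filter]
    case "$1" in ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    brc_filter=$(build_filter "$2" "${3:-}") || return 1
    printf "tcpdump -s 0 -U -n -w - -i %s '%s'" "$1" "$brc_filter"
}

# FIFO in a fresh mode-0700 directory instead of the fixed /tmp/remote, so no
# other local user can pre-create the path or read the capture from it.
make_fifo() {
    mf_dir=$(mktemp -d) || return 1
    mkfifo -m 600 "$mf_dir/capture" || return 1
    printf '%s' "$mf_dir/capture"
}

remote_capture() {     # args: user@host interface [ssh_port] [extra_filter]
    rc_cmd=$(build_remote_cmd "$2" "${3:-22}" "${4:-}") || return 1
    rc_fifo=$(make_fifo) || return 1
    wireshark -k -i "$rc_fifo" &
    ssh -p "${3:-22}" "$1" "$rc_cmd" > "$rc_fifo"
    rm -rf "${rc_fifo%/*}"    # remove the FIFO and its directory afterwards
}

# Run only when called with arguments, e.g.: ./rcap.sh root@firewall eth0
if [ "$#" -ge 2 ]; then remote_capture "$@"; fi
```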