[LINUX_Newbies] tcpdump or wireshark

 

Hi,

I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay.

When using wireshark, I can successfully capture these packets and view them in wireshark.
However, when using tcpdump, these packets are then shown in wireshark as malformed packets. It seems like tcpdump wrongly parses/stores them.

Is there any difference between tcpdump and wireshark capturing? Can I configure tcpdump to capture just like wireshark does? (I tried -s 0 or -s 65536 and this did not help)

Command used : tcpdump -s 0 -w <file>

Thank you!

__._,_.___

Reply to sender | Reply to group | Reply via web post | Start a New Topic

Messages in this topic (1)

Recent Activity:

• New Members 2

Visit Your Group

To unsubscribe from this list, please email LINUX_Newbies-unsubscribe@yahoogroups.com & you will be removed.

Switch to: Text-Only, Daily Digest • Unsubscribe • Terms of Use

.

__,_._,___