On Tue, Mar 2, 2010 at 8:54 AM, Hiren Joshi <[email protected]> wrote:
> I'm using the "packet capture" bit in pfsense. Is there a way of doing > this via the shell (I'm new to BSD, more of a Linux person) and leaving > it running (filtered by hostname) for a few hours/days? This way I can > dump it all and analyse it in wireshark. tcpdump. For example, tcpdump -i vr0 -n -w capture.pcap -i for the interface, -n to disable name resolution, capture.pcap is the capture file. I'm not sure if you have to do anything special to make it readable in wireshark. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
