2011/9/13 Guy Harris <[email protected]>: > It sounds as if you mean "pcap-over-IP server" here, in that tcpdump would > send network traffic over the wire to a client, such as {tcpdump, Wireshark, > NetworkMiner, etc.}.
Well, you are right in that my idea was for tcpdump to send libpcap data over TCP to another machine. But I still consider tcpdump to be the client here, since tcpdump would be the side that initiates the TCP session. > In that case, tcpdump might be overkill; you don't need tcpdump's dissection > capabilities, for example. The reason for why it would be great to have in tcpdump is because tcpdump is an ubiquitous tool that is available practically everywere. Besides, there's nothing that would prevent tcpdump from being at the receiving end of a "Pcap-over-IP" TCP socket. However, I fully understand if you feel implementing a TCP listener or TCP client in tcpdump would be a digression from the intended functionality of tcpdump. /erik - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
