Wireshark mailing list archives
Re: PCAP-over-IP in Wireshark?
From: Harald Welte <laforge () gnumonks org>
Date: Tue, 1 Feb 2022 18:16:32 +0100
Hi Erik, not sure if it fits your use case, but https://git.osmocom.org/osmo-pcap/ might be another option to look at. It's a combination of client and server for aggregating packet captures from various probes (clients) around a network. The protocol between client and server can be a custom, TCP based protocol (fulfilling your concerns aginst UDP based solutions), or IPIP (which of course suffers from the same MTU concerns you raised against UDP). Those tools are not performance optimized and hence not intended for high-bandwidth captures, but mostly used (and originally developed for) to capture telecom signalling traffic. Manual can be found at https://downloads.osmocom.org/docs/latest/osmopcap-usermanual.pdf -- - Harald Welte <laforge () gnumonks org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6) ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: PCAP-over-IP in Wireshark? Erik Hjelmvik (Feb 01)
- Re: PCAP-over-IP in Wireshark? Jaap Keuter (Feb 01)
- Re: PCAP-over-IP in Wireshark? Roland Knall (Feb 01)
- Re: PCAP-over-IP in Wireshark? chuck c (Feb 01)
- Re: PCAP-over-IP in Wireshark? Joerg Mayer (Feb 01)
- <Possible follow-ups>
- Re: PCAP-over-IP in Wireshark? Harald Welte (Feb 01)
- Re: PCAP-over-IP in Wireshark? Jaap Keuter (Feb 01)