Source: https://j2doll.github.io/wireshark-remote-command-win/README.ko.html
============================
Linux PC based
============================
# mkfifo /tmp/wireshark
# wireshark -k -i /tmp/wireshark &
# ssh root@172.20.0.17 "/nand1/tcpdump -s 0 -U -w - -i eth0 not port 22" > /tmp/wireshark
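The Linux procedure above as a reusable function, added here as an example and not part of the original page: it replaces the fixed /tmp/wireshark path with a private FIFO and relies on SSH key or agent authentication (BatchMode) instead of a password on the command line. The function names and the TCPDUMP_BIN and SSH_PORT variables are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not from the original page.
# Assumed names: TCPDUMP_BIN, SSH_PORT, build_remote_cmd, remote_capture.
TCPDUMP_BIN="${TCPDUMP_BIN:-/nand1/tcpdump}"   # remote tcpdump path used on the page
SSH_PORT="${SSH_PORT:-22}"                     # SSH port, excluded from the capture

# Build the remote tcpdump command. Reject interface names or ports that
# could carry shell metacharacters into the remote command line.
build_remote_cmd() {
    local iface="$1" port="$2"
    case "$iface" in
        ""|*[!A-Za-z0-9._:-]*) echo "invalid interface: $iface" >&2; return 1 ;;
    esac
    case "$port" in
        ""|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    printf '%s -s 0 -U -w - -i %s not port %s' "$TCPDUMP_BIN" "$iface" "$port"
}

# Stream a remote capture into a local Wireshark through a private FIFO.
remote_capture() {
    local target="$1" iface="${2:-eth0}" cmd dir fifo rc
    cmd="$(build_remote_cmd "$iface" "$SSH_PORT")" || return 1
    dir="$(mktemp -d)" || return 1             # mode 0700, unpredictable name
    fifo="$dir/capture.pcap"
    mkfifo -m 600 "$fifo" || { rm -rf "$dir"; return 1; }
    wireshark -k -i "$fifo" &                  # reader side of the FIFO
    # BatchMode=yes: key or agent authentication only, never a password prompt
    ssh -p "$SSH_PORT" -o BatchMode=yes "$target" "$cmd" > "$fifo"
    rc=$?
    rm -rf "$dir"                              # remove the FIFO when the capture ends
    return "$rc"
}
```

Call it as `remote_capture root@172.20.0.17 eth0`; the port in the capture filter follows SSH_PORT, so the capture does not record its own SSH transport.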
============================
Packet capture from a Windows PC
============================
Save the following as "remotecap.cmd" and run it from a command prompt window.
** Change the environment variable values to match your setup.
@REM ----------------------------------------------------
@REM remotecap.cmd
@REM Example command for capturing remote network packets
@REM using wireshark and tcpdump.
@REM First written by j2doll. September 10th 2016.
@REM https://github.com/j2doll/wireshark-remote-command-win
@REM http://j2doll.tistory.com
@REM ----------------------------------------------------
@REM install putty and wireshark on your windows pc.
@SET PLINK_PATH="C:\Program Files\PuTTY\plink.exe"
@SET WIRESHARK_PATH="C:\Program Files\Wireshark\Wireshark.exe"
@SET REMOTE_SERVER=172.20.0.17
@SET REMOTE_ACCOUNT=root
@SET REMOTE_PASSWORD=guseoxhdtls
@SET REMOTE_INTERFACE=eth0
@REM execute command
%PLINK_PATH% -no-antispoof -ssh -pw %REMOTE_PASSWORD% %REMOTE_ACCOUNT%@%REMOTE_SERVER% "/nand1/tcpdump -s0 -U -w - -i %REMOTE_INTERFACE% not port 22" | %WIRESHARK_PATH% -i - -k