Capture network traffic simultaneously on three interfaces

networking tcpdump packet-capture
11,827

If you use wireshark/tshark, there is a pseudo-interface named 'any' which takes all the interfaces. tshark -i any Wireshark is available on all plateforms

Edit : The any interface depends of libpcap : tcpdump have it ! tcpdump -i any

Share:
11,827

Related videos on Youtube

drcelus
Author by

drcelus

The one man IT orchestra.

Updated on September 18, 2022

Comments

  • drcelus
    drcelus almost 2 years

    I need to capture traffic on a CentOS 5 server which acts as a web proxy with 2 wan interfaces and 1 LAN. In order to troubleshoot a weird proxy problem, I would like to have a capture of a full conversation. Since external connections are balanced between the two WAN interfaces, I wonder if is it possible to capture simultaneously on all interfaces.

    I have used tcpdump previously but it only admits one interface at a time. I can launch 3 parallel processes to capture on all interfaces but then I end up with 3 different capture files.

    What is the right way of doing this ?

    • drcelus
      drcelus almost 12 years
      Added the info - Centos 5.
    • BatchyX
      BatchyX almost 12 years
      you could use mergecap to merge your 3 pcap files.
  • pt1
    pt1 almost 8 years
    According to github.com/the-tcpdump-group/tcpdump/issues/… the 'any' interface doesn't support promiscuous mode. (The answer was written for tcpdump but I guess it applies for tshark too.)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

TCP Server sends [ACK] followed by [PSH,ACK]
Python raw socket listening for UDP packets; only half of the packets received
frame contains "\x03\x00\x0e\xa8" display filter in wireshark displays packets not containing these bytes
Stripping payload from a tcpdump?
tcpdump read both ipv4 and ipv6 packets from pcap
tcpdump error: no suitable device found in Linux
iptrace for linux: how can I trace full packet contents?
Capture only TCP SYN-ACK packets with tcpdump
Check for packets MARKed by iptables
Command to know the Network Switch IP