
tshark is supposed to be a tcpdump alternative but it seems tcpdump is still dominant on the command line these days.



tshark always hogs my RAM and eventually crashes on > 4GB pcaps. I'd love to have a solution for this.


Try dumpcap [0], also part of the Wireshark suite. It's the back-end engine used by the Wireshark GUI as well as tshark. tshark tracks state for streams the same way the GUI will and eats your RAM, whereas dumpcap is a dumb siphon (with filtering).

0: https://www.wireshark.org/docs/man-pages/dumpcap.html



