I have a application talking to a database using persistent sessions. From time to time new sessions are initiated and I want to capture only those ones. I could wait hours before seeing a new session, so I'm looking for a capture filter that will allow only interesting traffic to be saved on disk. Please point me to any linux command line tool and filter syntax I could use. Thanks in advance !
asked 15 Jun '12, 01:51
One option would be to filter out all ports that are already in use by the established connections: