GUI required? Use on headless Ubuntu Server via SSH?

asked 2022-06-09 21:42:17 +0000

brec
18 ●3 ●4

My initial use would be determining what, if anything, is coming in to the server on one of its ethernet interfaces from my Mac on the same LAN subnet. There's a router and a switch between the Mac and the server. I'm trying to set up the server as a web proxy for the Mac.

answered 2022-06-09 21:57:25 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23790 ●4 ●950 ●227 https://www.wireshark.org

Use tshark, the command line client.

edit flag offensive delete link

Comments

(If I shouldn't turn this into a "newbie's questions" thread beyond the scope of my original question, please let me know.)

What's the most expedient way to access/read the pcapng files that tshark writes?

brec ( 2022-06-09 23:24:19 +0000 )edit

Got it -- tcpdump

brec ( 2022-06-09 23:32:55 +0000 )edit

tcpdump is also useful but doesn't have some of the filtering capabilities that tshark has. Use whatever's appropriate for you.

To examine the captures, transfer them to another host that can run Wireshark.

grahamb ( 2022-06-10 05:55:33 +0000 )edit

I meant tcpdump only for examining the tshark pcapng file output, after Ctrl-C-ing out of tshark.

brec ( 2022-06-10 11:07:17 +0000 )edit

tcpdump dissects much less traffic than tshark, but if it meets your needs it's good enough. Arguably you could also use tcpdump to make the captures.

grahamb ( 2022-06-10 11:42:28 +0000 )edit

see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

GUI required? Use on headless Ubuntu Server via SSH?

1 Answer

Comments

Your Answer

Question Tools

Stats

GUI required? Use on headless Ubuntu Server via SSH? edit

1 Answer

Comments

Your Answer

Question Tools

Stats

GUI required? Use on headless Ubuntu Server via SSH?