Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

tcpdump capture gets flooded when trying to redirect the output to remote host

Hi Team,

I am trying to redirect and collect tcpdump capture to a remote server but I am facing issue with packets over sizing. Capture gets flooded within seconds and create big files ~500-600 MB. I am using SSH pipe for redirection -

tcpdump -lnni eth1 -XX -w - | ssh <hostname>@<hostip> "cat >> dump.pcap"

Any idea why is this happening and how to correct it ?

If I dump binary output to local machine then there is no flooding and it works well.