Stream Capture to a host like Mikrotik - TZSP - UDP Encapsulated

How do I capture packets with tcpdump, encapsulate them, and send them to another host running Wireshark (or tshark), like Mikrotik does?

The Mikrotik instructions are at this link:

https://wiki.mikrotik.com/wiki/Ethereal/Wireshark

Next is a link to a Russian video (understandable because of the images) that demonstrates it.

https://youtu.be/YxYnNple7oE

I looked at the packets and found a TZSP layer:

https://en.wikipedia.org/wiki/TZSP

I didn't know about it until 2 hours ago... And it works perfectly! Real time, with low CPU consumption on the host that is sniffing and no local disk needed.

P.S.: I know about the possibility of using SSH tunneling, but it is not possible on some of the devices that I'm working with...
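An added example, not part of the original post and not Mikrotik's code: a small sender that reads a classic pcap stream from tcpdump on stdin, prefixes each Ethernet frame with a minimal TZSP header and sends it over UDP to the host running Wireshark. The function names, the script name and the collector address in the usage comment are assumptions; the header values and UDP port 37008 follow the TZSP description linked above.

```python
# Usage (assumed names; the filter keeps the mirror traffic out of the capture):
#   tcpdump -i eth0 -U -w - 'not udp port 37008' | python3 tzsp_send.py 192.0.2.10
import socket
import struct
import sys

TZSP_PORT = 37008  # UDP port that Wireshark decodes as TZSP by default
# version=1, type=0 (received packet), protocol=1 (Ethernet), tag 0x01 (end of tags)
TZSP_HEADER = struct.pack("!BBHB", 1, 0, 1, 1)

def tzsp_wrap(frame: bytes) -> bytes:
    """Return the UDP payload for one captured Ethernet frame."""
    return TZSP_HEADER + frame

def read_exact(stream, n):
    """Read exactly n bytes from a pipe, or return None at end of stream."""
    buf = b""
    while len(buf) < n:
        chunk = stream.read(n - len(buf))
        if not chunk:
            return None
        buf += chunk
    return buf

def pcap_frames(stream):
    """Yield raw frames from a classic pcap stream (not pcapng)."""
    hdr = read_exact(stream, 24)
    if hdr is None:
        raise ValueError("truncated pcap global header")
    if hdr[:4] in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):
        endian = "<"  # little-endian writer (microsecond or nanosecond magic)
    elif hdr[:4] in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):
        endian = ">"
    else:
        raise ValueError("not a classic pcap stream")
    if struct.unpack(endian + "I", hdr[20:24])[0] != 1:
        raise ValueError("link type is not Ethernet; TZSP protocol field would be wrong")
    while True:
        rec = read_exact(stream, 16)  # ts_sec, ts_frac, incl_len, orig_len
        if rec is None:
            return
        frame = read_exact(stream, struct.unpack(endian + "IIII", rec)[2])
        if frame is None:
            return  # capture ended in the middle of a record
        yield frame

def main(collector_ip):
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    for frame in pcap_frames(sys.stdin.buffer):
        sock.sendto(tzsp_wrap(frame), (collector_ip, TZSP_PORT))

if __name__ == "__main__":
    main(sys.argv[1])
```

On the receiving side, capturing with the filter `udp port 37008` lets Wireshark dissect the inner frames; the mirrored traffic crosses the network unencrypted, so the path to the collector should be a trusted management segment.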