First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

How can I set the udpdump port for use with tshark?

I try to use tshark with udpdump, but I need to set a different port for udpdump...

my current comandline:

/usr/bin/tshark -g -q -n -s 0 -F pcapng -i udpdump -b filesize:50000 -b files:200 -w /srv/data/udpdump_2020-05-06_23-00-59.pcapng

This are the started processes:

tshark   10071 10068  0 23:00 ?        00:00:00 /usr/bin/tshark -g -q -n -s 0 -F pcapng -i udpdump -b filesize:50000 -b files:200 -w /srv/data/udpdump_2020-05-06_23-00-59.pcapng
tshark   10088 10071  0 23:00 ?        00:00:00 /usr/lib/x86_64-linux-gnu/wireshark/extcap/udpdump --capture --extcap-interface udpdump --fifo /tmp/wireshark_extcap_udpdump_20200506230100_4ngo5f --port 5555 --payload data --debug false
tshark   10090 10071  0 23:00 ?        00:00:00 /usr/bin/dumpcap -n -b filesize:50000 -b files:200 -g -i /tmp/wireshark_extcap_udpdump_20200506230100_4ngo5f -s 262144 -Z none -w /srv/data/udpdump_2020-05-06_23-00-59.pcapng

I need a way to change the listen port 5555 to 37008 to use it with mikrotik a router, because on mikrotik site I am not able to change the destination port...

marsupilani's avatar
1
marsupilani
asked 2020-05-06 21:22:29 +0000
grahamb's avatar
23.8k
grahamb
updated 2020-05-07 07:47:56 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Setting preferences for extcap interfaces.

$ tshark -i udpdump -o extcap.udpdump.port:1234
Capturing on 'UDP Listener remote capture'

$ ps -ef | grep -i udpdump
xxxx   28081 27933  0 17:46 pts/2    00:00:00 tshark -i udpdump -o extcap.udpdump.port:1234
xxxx   28096 28081  0 17:46 pts/2    00:00:00 /usr/lib/x86_64-linux-gnu/wireshark/extcap/udpdump --capture --extcap-interface udpdump --fifo /tmp/wireshark_extcap_udpdump_20200506174606_UfYrMw --port 1234 --payload data --debug false
xxxx   28098 28081  0 17:46 pts/2    00:00:00 /usr/bin/dumpcap -n -i /tmp/wireshark_extcap_udpdump_20200506174606_UfYrMw -Z none
Chuckc's avatar
3k
Chuckc
answered 2020-05-06 22:50:55 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer