pcapdump
specialized libpcap utilities
Install
- All systems
-
curl cmd.cat/pcapdump.sh
- Debian
-
apt-get install pcaputils
- Ubuntu
-
apt-get install pcaputils
- Kali Linux
-
apt-get install pcaputils
- Windows (WSL2)
-
sudo apt-get update
sudo apt-get install pcaputils
- Raspbian
-
apt-get install pcaputils
- Dockerfile
- dockerfile.run/pcapdump
pcaputils
specialized libpcap utilities
pcaputils includes the following libpcap-based utilities: - pcapip: filters an input pcap file based on a file containing IP addresses - pcappick: picks specific frames out of a pcap by number - pcapuc: prints unique src IPs, dst IPs, or {src, dst} IP pairs witnessed - pcapdump: a dedicated packet capture utility similar to dumpcap, but with these features: * logs packet dump and drop rates * can run as a daemon * can dynamically reload its configuration without dropping packets * can be signalled to immediately rotate its capture output file * can partition its output based on time intervals (e.g., start of hour or start of day) * can strip application data from the trace file (output headers only) * can sample the packet stream (e.g., only dump every 1 in 10 or 1 in 100 packets)