Menu
Output of tcpdump is plain text generated by SOME of the fields in the header, thus many informations about a packet have been lost and total reconstruction is impossible. If you want to compare output of two programs, capture packets with tcpdump and log them as binaries.
I'd like to capture the output from tcpdump and use it as input for a second command. By the way I don't want to use the pcap format!I tried sudo tcpdump -q ip./out.txtWhen I watched the file I saw the whole STDOUT was written to the file all the time but I expected the file to be overwritten with the new content only. Is all the STDOUT buffered or cleared when written to the terminal?. Is there a way I can read only the partial updates from STDOUT?. How can I redirect output continuously from tcpdump to an other cmd?Does this work?
Sudo tcpdump -q ip mycommand.