FreeStone/pcapmirror-test
1
0
Fork 0
forked from cramer/pcapmirror
Code Issues Pull Requests Actions Packages Releases Wiki Activity

Copyright and Wireshark

Browse Source
This commit is contained in:
Matthias Cramer
2025-03-21 08:02:38 +01:00
parent ff0bd0c8a6
commit a9918e4759
3 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@@ -1,6 +1,5 @@
# pcapmirror
pcapmirror is a command-line tool for capturing network traffic and mirroring it to a remote destination using TZSP encapsulation. It leverages the `libpcap` library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis.
pcapmirror is a command-line tool for capturing network traffic and mirroring it to a remote destination using [TZSP encapsulation](https://en.wikipedia.org/wiki/TZSP). It leverages the `libpcap` library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis.
## Usage
@@ -26,6 +25,12 @@ sudo pcapmirror -i eth0 -f "tcp port 80" -r 192.168.1.100 -p 47008 -v
```
*Note*: Running pcapmirror typically requires root privileges due to the use of libpcap for capturing network traffic.
## Usage with wireshark
With this tool, you can mirror traffic directly to a running [Wireshark](https://www.wireshark.org/).
To avoid capturing traffic from your own monitoring machine, configure Wireshark with a capture filter of udp port 37008 or udp dst port 37008. Also, verify that your firewall permits this UDP traffic.
## Compile and Install
Compile the program: