Inside Firewalla and STEM Learning example

Follow

Comments

2 comments

  • Avatar
    Benjamin Bellamy

    It’s safer not to run tshark as root but from pi user.

    $ unalias apt-get
    $ sudo apt-get update
    $ sudo apt-get install tshark
    $ sudo chmod +x /usr/bin/dumpcap

    then you probably want to run something like this:

    $ tshark -i eth0 -f "host 192.168.1.42 and not arp and not icmp"
    2
    Comment actions Permalink
  • Avatar
    Benjamin Bellamy

    In order to have tshark run all the time, to keep 5 files of 1MB each, I run on Firewalla:

    $ nohup tshark -i eth0 -f "ether host xx:xx:xx:xx:xx:xx" -b filesize:1024 -b files:5 -w /home/pi/myfilename &

    Then I fetch the files with SFTP from my computer and open them in Wireshark.

    2
    Comment actions Permalink

Please sign in to leave a comment.