|
|
|
|
|
|
by lir
2947 days ago
|
|
|
Try dumpcap [0], also part of the Wireshark suite. It's the back-end engine used by the Wireshark GUI as well as tshark.
tshark tracks state for streams the same way the GUI will and eats your RAM, whereas dumpcap is a dumb siphon (with filtering). 0: https://www.wireshark.org/docs/man-pages/dumpcap.html |
|
|