Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Rpcapd wokring on pfSense

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shaharhd
      last edited by

      Hi to all wire-sharkers.

      The winpcap (windows network sniffer driver) has a nice utility called rpcapd, this utility enables running wireshark on one machine while pulling the sniffed traffic from a remote machine running rpcapd.

      Following the linux guides on the matter (and tweaking it a bit) I managed to compile a working pfsense 2.0.1 rpcapd static binary (amd64 version, I can also produce the 32bit easily).
      The nice thing about rpcapd is that it automatically takes his traffic out of the sniffed traffic, so you don't need to always add the filtering like you do when you're using tcpdump over SSH tunnels.

      As I have no experience in PHP or pfSense package development, I would like to see if someone is willing to help on creating a package to in addition to the internal pfsense packet capture (which is very limited) to allow the running and control of the rpcapd daemon.

      Thanks,
      Shahar

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.