I'm trying to use tcpick
to log http data in unique files (client and server mixed together). This is one of the examples from tcpick
's man page:
$ tcpick -i eth0 "port 80" -wRub
I expected this to write the tcp stream to a file named <ip_client>_<ip_server>_<port_server>.tcpick
, but it seems that no file gets written at all.
Does anyone have an explanation for this? I'm running tcpick
0.2.1 on Ubuntu 12.04.1 LTS.
This is probably too old to be of help, but ... My first guess would be that it's not seeing any traffic on eth0 port 80. If you "tcpdump -i eth0 port 80" do you get any traffic? If not, how about just "tcpdump -i eth0"? Answers to those might shed light.
When I run the above command (with appropriate interface name for my system), I get many files created. tcpick 0.2.1 on FreeBSD 9.1.