# Remote Wireshark

# Use wireshark remotely

### create a fifo file, owned by your user:
```sh
mkfifo ~/ftcpdump
```


### In another terminal, send the data into wireshark
on your local machine do:
```sh
ssh server "cat ~/ftcpdump" | wireshark -k -i
```
(do not forget to filter out ssh)

### Output tcpdump data into the fifo
from the remote machine :
```sh
tcpdump <filter> -U -s 0 -w ~user/ftcpdump
```