Remote Wireshark

Use wireshark remotely

create a fifo file, owned by your user:

# mkfifo ~/ftcpdump

In another terminal, send the data into wireshark

on your local machine do:

# ssh server "cat ~/ftcpdump" | wireshark -k -i

(do not forget to filter out ssh)

Output tcpdump data into the fifo

from the remote machine :

# tcpdump <filter> -U -s 0 -w ~/ftcpdump