Lnxgeek.org Wiki - Freedom of choice, I choose Freedom

User Tools

Site Tools

You are here: start » howtos » creating_a_decrypted_tcpdump_capture
howtos:creating_a_decrypted_tcpdump_capture

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Last revisionBoth sides next revision
howtos:creating_a_decrypted_tcpdump_capture [28/08/2022 20:54] domingohowtos:creating_a_decrypted_tcpdump_capture [28/08/2022 20:55] domingo
Line 11: Line 11:
 </code> </code>
  
-Now get the dump.pcap file onto a device with tshar installed and strip out the PMS information:+Now get the dump.pcap file onto a device with tshark installed and strip out the PMS information:
  
 <code> <code>
 tshark -r dump.pcap -Y "f5ethtrailer.tls.keylog" -T fields -e f5ethtrailer.tls.keylog | tr , '\n' tshark -r dump.pcap -Y "f5ethtrailer.tls.keylog" -T fields -e f5ethtrailer.tls.keylog | tr , '\n'
 keylog.txt keylog.txt
 +
 +I'm not sure why you can't do it on the Big-IP but it didn't work for me.
 </code> </code>
  
howtos/creating_a_decrypted_tcpdump_capture.txt · Last modified: 28/08/2022 20:56 by domingo