Hello Folks!
I am trying to set up a wireless sniffer using MikroTik and send the stream to a Linux box for further processing. The idea is to find stolen items, even if they are not registered to our access points.
I managed to stream to wireshark, no problem at all, but that does not solve my problem.
Ultimately I need to "log" filtered traffic to a MySQL database for further processing, in real time or almost real time.
I tried trafr, which seems to be able to get the stream out, but it immediately exits after receiving the first packets of data from the MikroTik sniffer stream.
Starting trafr:
[root@lina ~]# ./trafr -s | tcpdump -r - -n
reading from file -, link-type EN10MB (Ethernet)
It looks fine!
Now I start the wireless sniffer in MikroTik, and trafr just exits...
[root@lina ~]#
Hmmm....
Does anyone know what the problem with trafr is? Maybe it was not designed for wireless sniffing, only Ethernet, who knows?
Is there another Linux "server" that can receive the stream correctly, remove the encapsulating TZSP, and log it to a file or a socket in some way? Can tcpdump or tshark/wireshark do such magic?
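An added example, not part of the original post and not trafr's code: a small Python receiver that strips the TZSP header and tagged fields itself and reports the encapsulated-protocol field, so 802.11 frames can be told apart from Ethernet before further processing. The function names and the sample datagram are constructed for illustration; 37008 is the standard TZSP UDP port.

```python
import socket
import struct

TZSP_PORT = 37008  # standard TZSP UDP port
PROTO = {1: "ethernet", 18: "ieee80211", 119: "prism", 127: "avs"}
# Constructed sample: TZSP header (802.11), RSSI tag, padding, end tag, probe request.
SAMPLE = bytes.fromhex("01000012 0a01c4 00 01"
                       "4000 0000 ffffffffffff 020000aabbcc ffffffffffff 0000")

def parse_tzsp(datagram):
    """Strip the TZSP header and tagged fields; return protocol, tags, inner frame."""
    if len(datagram) < 4:
        raise ValueError("shorter than the 4-byte TZSP header")
    version, ptype, proto = struct.unpack("!BBH", datagram[:4])
    if version != 1:
        raise ValueError("unsupported TZSP version %d" % version)
    tags, pos = {}, 4
    while True:
        if pos >= len(datagram):
            raise ValueError("tag list not terminated by an end tag")
        tag, pos = datagram[pos], pos + 1
        if tag == 1:        # end tag: the encapsulated frame follows
            break
        if tag == 0:        # padding tag: single byte, no length field
            continue
        length = datagram[pos] if pos < len(datagram) else 0
        if pos + 1 + length > len(datagram):
            raise ValueError("tag runs past the end of the datagram")
        tags[tag] = datagram[pos + 1:pos + 1 + length]
        pos += 1 + length
    return {"type": ptype, "proto": PROTO.get(proto, proto),
            "tags": tags, "frame": datagram[pos:]}

def transmitter_mac(frame):
    """Address 2 of an 802.11 management or data frame, else None."""
    if len(frame) < 16 or (frame[0] >> 2) & 0x3 not in (0, 2):
        return None
    return ":".join("%02x" % b for b in frame[10:16])

def listen(bind_addr="0.0.0.0", port=TZSP_PORT):
    """Yield one parsed packet (see parse_tzsp) per datagram from the sniffer."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((bind_addr, port))
        while True:
            try:
                pkt = parse_tzsp(sock.recvfrom(65535)[0])
            except ValueError:
                continue    # drop malformed datagrams instead of exiting
            yield pkt
```

Each packet yielded by `listen()` carries the inner frame and its protocol, so it can be filtered with `transmitter_mac()` and then written to a database or a capture file whose link type matches `proto`.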