Hey guys, I am using the MikroTik Packet sniffer and I aim it towards a CentOS server that is running tcpdump on the interface and listening on 37008. Everything is capturing just fine, but when I open the pcap file on my desktop to analyze it, every packet is in UDP format. Is there a way to have the actual protocols of the packets?
Thanks,
Bumbaa
Yes, you need a special tool that you run on the server to unpack those UDP packets.
It is called trafr and can be found on the software download page.
I get this error while trying to run it:
./trafr
./trafr: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory
Anyhow, thanks, I’ll look into it.
You probably need to install some extra package, e.g. the 32-bit C library.
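The unpacking step discussed in this thread, as an added example (not part of the original posts and not trafr's code): it assumes the sniffer stream is TZSP-framed, which the thread itself does not name, and strips that header from one UDP payload so the inner frame can be written to a pcap that opens with its real protocols. The function names and the sample bytes are constructed for illustration.

```python
import struct

TAG_PADDING, TAG_END = 0, 1   # the only TZSP tags that carry no length byte
ENCAP_ETHERNET = 1            # TZSP encapsulated-protocol value for Ethernet

def strip_tzsp(payload: bytes) -> tuple[int, bytes]:
    """Return (encapsulated_protocol, inner_frame) from one UDP payload."""
    if len(payload) < 4:
        raise ValueError("shorter than the 4-byte TZSP header")
    version, _ptype, proto = struct.unpack("!BBH", payload[:4])
    if version != 1:
        raise ValueError(f"unexpected TZSP version {version}")
    pos = 4
    while True:
        if pos >= len(payload):
            raise ValueError("tag list not terminated")
        tag = payload[pos]
        pos += 1
        if tag == TAG_END:            # everything after this is the captured frame
            return proto, payload[pos:]
        if tag == TAG_PADDING:        # single byte, no length field
            continue
        if pos >= len(payload):
            raise ValueError("truncated tag length")
        pos += 1 + payload[pos]       # skip the length byte and the tag data

def to_pcap(frames, linktype=1) -> bytes:
    """Build a classic pcap file (default LINKTYPE_ETHERNET) from (ts, frame) pairs."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for ts, frame in frames:
        sec, usec = int(ts), int((ts % 1) * 1_000_000)
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

# Constructed sample: a 42-byte broadcast ARP-sized Ethernet frame, zero-filled body.
FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 28
# Header (version 1, type 0, Ethernet) followed directly by the end tag.
PLAIN = bytes.fromhex("01000001" "01") + FRAME
# Same header with a padding tag and one 1-byte tagged field before the end tag.
TAGGED = bytes.fromhex("01000001" "00" "0a01c8" "01") + FRAME

if __name__ == "__main__":
    proto, inner = strip_tzsp(TAGGED)
    print(proto == ENCAP_ETHERNET, len(to_pcap([(0.0, inner)])))
```
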