I am trying to set up a wireless sniffer using MikroTik and send the stream to a Linux box for further processing. The idea is to find stolen items, even if they are not registered to our access points.
I managed to stream to Wireshark, no problem at all, but that does not solve my problem.
Ultimately I need to "log" filtered traffic to a MySQL database for further processing, in real time, or almost real time.
I tried trafr, which seems to be able to get the stream out, but it immediately exits after receiving the first packets of data from the MikroTik sniffer stream.
[root@lina ~]# ./trafr -s | tcpdump -r - -n
reading from file -, link-type EN10MB (Ethernet)
It looks fine!
Now start the wireless sniffer in MikroTik, and trafr just exits...
Does anyone know what the problem with trafr is? Maybe it was not designed for wireless sniffing, only Ethernet, who knows?
Is there another Linux "server" that can receive the stream correctly, remove the encapsulating TZSP and log it to a file or a socket in some way? Can tcpdump do such magic, or tshark/Wireshark?
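
An added example, not part of the original post: a minimal TZSP receiver in Python that strips the TZSP header and tag list, reads the inner frame type from the header instead of assuming Ethernet, and extracts the sender MAC for logging. The function names, the handle callback and the sample bytes are hypothetical, and UDP port 37008 is assumed to be the port the MikroTik sniffer streams to.

```python
import socket
import struct

TZSP_PORT = 37008  # assumption: port the MikroTik sniffer streams to
ENCAP = {1: "ethernet", 18: "ieee802.11", 119: "prism", 127: "avs"}

def tzsp_decap(datagram):
    """Strip the TZSP header and tag list; return (encapsulation, inner frame)."""
    if len(datagram) < 4 or datagram[0] != 1:
        raise ValueError("not a TZSP version 1 packet")
    proto = struct.unpack("!H", datagram[2:4])[0]
    pos = 4
    while pos < len(datagram):
        tag = datagram[pos]
        pos += 1
        if tag == 1:                      # END tag: the captured frame follows
            return ENCAP.get(proto, "unknown(%d)" % proto), datagram[pos:]
        if tag != 0:                      # every tag but PADDING has a length byte
            if pos >= len(datagram):
                raise ValueError("truncated tag")
            pos += 1 + datagram[pos]      # skip length byte and tag data
    raise ValueError("tag list not terminated")

def source_mac(encap, frame):
    """Sender MAC: Ethernet source, or 802.11 addr2 (absent in ACK/CTS)."""
    if encap == "ethernet" and len(frame) >= 14:
        raw = frame[6:12]
    elif encap == "ieee802.11" and len(frame) >= 16:
        raw = frame[10:16]
    else:
        return None
    return ":".join("%02x" % b for b in raw)

def listen(handle, host="0.0.0.0", port=TZSP_PORT):
    """Receive forever; a malformed datagram is skipped, not fatal."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    while True:
        data, (router, _) = sock.recvfrom(65535)
        try:
            encap, frame = tzsp_decap(data)
        except ValueError:
            continue
        handle(router, encap, source_mac(encap, frame))  # e.g. insert a DB row

# Constructed sample: TZSP header (802.11), one tag, END, probe-request header
SAMPLE = bytes.fromhex("01000012" "0a01c4" "01" "40000000"
                       "ffffffffffff" "020000aabbcc" "ffffffffffff" "0000")
```

Calling listen() with a callback that writes one row per frame gives the near-real-time log; Prism and AVS captures are returned as raw frames because their radio header would have to be skipped before the 802.11 header.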