Everything you need to run "[`tcpdump`](http://www.tcpdump.org/)" on Microsoft Windows in a single portable executable.
- [Download](wiki?name=Download)
- [More Information](wiki?name=More Information)
It is a "[`tcpdump`](http://www.tcpdump.org/)" executable, [WinPcap](http://www.winpcap.org/) library and driver wrapped in a simple executable that:
1. Unpacks the files to a temporary directory;
2. Installs and starts the "`npf`" driver (from [WinPcap](http://www.winpcap.org/));
3. Runs `tcpdump.exe`; and
4. Cleans up everything.

The "`-i`" option has been modified to support IP addresses in addition to interface names. The IP address can be a local address or a remote one.

Example usage:
- Basic usage:
  - `C:> tcpdump -nn -i 0.0.0.0`
- Write out a capture file (which can be read by "wireshark" or "tcpdump"):
  - `C:> tcpdump -i 0.0.0.0 -w capture.pcap`