Hi eric.
There are two ways to do this easily with ethereal.
1, Use Linux and capture from the "ANY" interface, then you will capture
from
all interfaces at the same time. I dont think any other platforms support
this.
Note, this is not a Ethereal feature per se but rather a feature of Linux
which
can provide a "virtual" network interface that is the set of all others.
2, Run two capture processes, one for each interface and then use mergecap
to merge the
two captures into one. Not as nice but can be used on all platforms.
There has also been discussion recently that someone might be working on
virtualization of
the capture mechanism used by ethereal. A very very interesting and useful
feature which
would allow sniffing from non-network devices as well as allowing what you
want.
Hopefully this feature may be implemented in ethereal.
> Has anyone successfully managed to direct two streams of network traffic
> into a pipe, then capture with ethereal? If so, would you share some info
> on setting this up?
>
> Basically we are using a network tap which divides the traffic into
> separate directions (so as to not overrun a 100 meg NIC on a full duplex
> link). We would like to put this traffic back together within the system
> somehow before capturing it with ethereal. I'm not smart enough to know
> how to do that.
>
> Thanks in advance!
>
> -Eric
>
