Ethernet Packet sniffing with two nics

[Paulo.]

Hi all

I have an ATV310B Android TV box and the LAN activity LED is continuously on indicating it's transferring a lot of data
even when I'm not streaming anything.
I'm curious as to where and what it's communicating with, so thought I'd put a second network card into my TC machine
and route the Ethernet to the Android box thru the two nics and monitor the data.

Can anyone recommend a program that will display the packet data?

Thank you.
Paulo.

[Rich]

Hi Paulo.
I use  wireshark  when I need to look at network traffic. I also have an old 12 port hub (repeater, not router) which comes
in handy when you need to observe traffic between multiple machines.

[Paulo.]

Hi Rich

I wish I had kept my old hub as then it would have been a simple matter like you say using Wireshark.

Admittedly I haven't checked yet but I'm assuming that TC or TCE has brctl in which case I could bridge the two nics and use Wireshark
as it would then see the packets on both cards.

If it does not work, then perhaps I'll look around for a cheapish switch with a monitor port.
They come up occasionally on fleabay.

[Rich]

Hi Paulo.
If you are running TC4.x then  bridge-utils.tcz  is available. It has not yet been ported to TC5.x.

[Paulo.]

Hi Rich

Perfect, I'm running 4.7.5
Thanks.