I'm having a problem with one of our customers' embedded computers. They seem to discard some network packets which they should not. I can capture the TCP communication from a managed switch outside the box using Wireshark and I can probably also manage to capture all data from within using tcpdump. I could load both dumps into Wireshark and compare them myself. But is there an easier way to only see the differences between two such dump files?
How to diff two network dumps from tcpdump or Wireshark
diff()tcpdumpwireshark
Best Answer
I can't remember if I've used it or not, but I think TPCAT can do what you're after.