Run tcpdump on Tomato firmware without thumb drive

tcpdump is a great asset to troubleshoot a network issue. Due to storage limitation, tcpdump is not included in the default. Here is the way to get it working without a thumb drive.

Tested on Tomato 1.28 rev 116 by Shibby on a NETGEAR 3500Lv2.

Check that you have enough space

You need about 2MB in /tmp to be safe:

Get the binary file

Capture traffic

Due to limited resources of the small routers likely to run Tomato firmware, you need to limit the amount of captured data.

Example:

If you want to use WireShark to analyse the traffic details, you need to use a command such as:

The filesystem would be quickly saturated! Better use a cifs storage or a thumb drive!
Valve

tcpdump – Careful opening the valve!

 

Got a thumb drive?

If you had a thumb drive, you can use OptWare.

On Tomato by Shibby, OptWare can be installed from SSH with the following command after mounting the USB drive in /opt:

The list of the packages available is available here.

7 Comments

  1. Christian October 26, 2015 7:50 am  Reply

    Tried tcpdump on my new Netgear R7000, but it does not work with Tomato v1.28.0000 -129 K26ARM USB AIO-64K. Worked fine many years on my old wrt54gl with tomato 1.28 (where I placed tcpdump on cifs1).
    Now it does not matter if I use tcpdump from cifs1 or copy it onto Netgear-router, always getting error:
    ./tcpdump: line 1:[email protected]@4P4: not found
    ./tcpdump: line 2: Ã: not found
    ./tcpdump: line 3: Ð: not found
    ./tcpdump: line 6: syntax error: unexpected \”(\”
    [email protected]:/tmp# PuTTY

    • Deeeze December 31, 2017 11:14 pm  Reply

      Probably wrong arch. This tcpdump is for a MIPS processor:

      tcpdump: ELF 32-bit LSB executable, MIPS, MIPS32 version 1 (SYSV), statically linked, corrupted section header size

  2. flo December 20, 2017 5:43 am  Reply

    I hat better success with optware on my stock asus RT-AC66 firmware
    get http://tomatousb.org/local–files/tut:optware-installation/optware-install.sh -O – | tr -d \’\\r\’ > /tmp/optware-install.sh
    chmod +x /tmp/optware-install.sh
    sh /tmp/optware-install.sh
    befire I modified the install script so that it installs it self in the /tmp
    I don\’t have anyway write permission on a stock firmware.
    After I just ipkg install tcpdump and it works

Leave a Reply