How can I have tcpdump write to file and standard output the appropriate data?

I want to have tcpdump write raw packet data into a file and also display packet analysis into standard output as the packets are captured (by analysis I mean the lines it displays normally when -w is missing). Can anybody please tell me how to do that?

Solution

Here's a neat way to do what you want:

tcpdump -w - -U | tee somefile | tcpdump -r -

What it does:

-w - tells tcpdump to write binary data to stdout
-U tells tcpdump to write each packet to stdout as it is received, rather than buffering them and outputting in chunks
tee writes that binary data to a file AND to its own stdout
-r - tells the second tcpdump to get its data from its stdin

Pipe Input on a timer
How to send data to local clipboard from a remote SSH session
Wait for file input or a signal in Linux
Linux "install" command for wildcard installation
Fatal error: cuda.h: No such file or directory
docker.sock permission denied
Expected expression before <= token
How to remove folders with a certain name
How do you delete files older than specific date in Linux?
How to remove all Docker containers
/usr/bin/ld: cannot find -lglfw
SIGQUIT in child process does not produce core dump despite status showing a core dump was produced
How to set the mode of a file the same as an other's one?
Looping through the content of a file in Bash
Piping large file from Powershell ssh to Linux
Tomcat shutdown VERY slow after calling shutdown.sh?
Eclipse Fails to Load (Exit Code 13) on fresh Fedora 22 w/ latest OpenJDK
How to implement ssh session logging in Go?
How to format date in bash to YYYY-DD-MMTHH:MM:SS.sss
Waitpid equivalent with timeout?
POSIX way to do O_DIRECT?
how to insert 64 bytes FF to a flash file every 2048 bytes with python
Is it possible to convert C to asm without link libc on Linux?
Explanation of Permission Bits
Boost thread crash
Are blocks and libdispatch available on linux?
How are some Linux device drivers automatically loaded/unloaded?
How to port a linux driver , which is compiled in 2.6 kernel ,without compiling in other new version of kernel
Docker Volume not mounting any files
Authenticate from Linux to Windows SQL Server with pyodbc