Pocket Trick

Firefox’s Pocket browser plugin is great for capturing web content to read later. Also, check out this trick — If you happen to be checking out pages that you’re not sure about, and trying to protect your self with JavaScript disabled, sometimes those pages seem to not load. Pocket may help there too. It’s possible the site’s content has loaded enough for Pocket to grab the text, even if the page seems to be waiting for you.

It does this by looking at the HTML source code. You could read that as well, by right-clicking on the page, and selecting “view source“, but the nice trick about Pocket is that if formats all nice and pretty to read, so you don’t have to be your own HTML parser.

Capture a pcap from a router (Ubiquity EdgeX)

Remote connection

Perhaps you’ve used Wireshark to capture packets on your laptop, or pc. But what if you need to troubleshoot your router? A quick way to grap a dump, is a simple ssh/tcpdump combo. It’s easy to do, and can be done remotely.

First, your router must accept ssh connections for this method. In the case of EdgeMax router software, the settings to enable are in the “System” tab, found at the bottom of the web-based admin portal.

ssh and saving the pcap file.

$ ssh $(router_ip) "sudo tcpdump -s 0 -w - " > ~/Desktop/router_capture.pcap

The above command basically does it, and you can stop the capture with a Ctrl-C. Until then, you’ll be capturing packets remotely from your router, right onto you desktop. However, note that you’ll need to change $(router_ip) to your router, like 192.168.0.1, or example. You will likely be asked for passwords, both to connect to the router, and to use the sudo.

You could change the ‘~/router_capture.pcap‘ line to any path on your computer. However, I recommend saving somewhere only you can access. It may have sensitive info.

Parsing the file

This packet capture file will be readable by Wireshark, if this is all accomplished with a modern enough system. However, if you prefer to NOT have that format, and perhaps just ‘grep’ or read the text output, you can remove the ‘-w – ‘ part of the command. In addition, you could pipe the tcpdump command into a ‘grep’ first, to limit the amount of data. For instance:

$ ssh 192.168.2.1 "sudo tcpdump -s 0 | grep -e -v '192\.168\.0" > ~/router_capture.txt

The above will remove IPs that have “192.168.0” in the output. However, I don’t suggest this, as Wireshark will be much more powerful for searching and finding issues you might be having.