2

I need to run 2 concurrent tcpdump commands with different arguments/options. Why? Because we wrote some long, long scripts compatible with the following options:

tcpdump -ixenbr0 -s 400 -n -A 'port sip || (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420) || (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354 && tcp[((tcp[12:1] & 0xf0) >> 2) + 4:1] = 0x20) || (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x48545450 && tcp[((tcp[12:1] & 0xf0) >> 2) + 4:4] = 0x2f312e31 && tcp[((tcp[12:1] & 0xf0) >> 2) + 8:4] = 0x20323030 && tcp[((tcp[12:1] & 0xf0) >> 2) + 12:2] = 0x204f && tcp[((tcp[12:1] & 0xf0) >> 2) + 14:1] = 0x4b)' > tcpdump.txt

These options and formatting are needed for our script (those strange rules are needed to filter GET, POST and SIP protocol packets only). On the other hand, I need to capture MySQL packets and analyze them. As it's not a trivial task to find requests/responses and analyze the mean execution time of the queries, I planned to use the pt-query-digest package to analyze SQL queries using tcpdump, but it requires running tcpdump with the following options and it won't work with other formats:

tcpdump -ixenbr0 -s 65535 -n -x -q -tttt port 3306 > tcpdump.txt

Is it possible to run two concurrent tcpdumps, OR is there any way to have tcpdump output in both formats mentioned, OR is there any way to merge these two commands?
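What the `tcp[...]` clauses of the first filter test for, as an added example that is not part of the original question: the Python below decodes the hex constants and evaluates the same payload checks on constructed TCP segments. The function names, ports and sample segments are assumptions made for illustration, and the `port sip` clause is not modelled.

```python
import struct

# Hex constants copied from the filter, packed big-endian as tcpdump compares them.
GET = struct.pack(">I", 0x47455420)            # b"GET "
POST = struct.pack(">IB", 0x504F5354, 0x20)    # b"POST "
HTTP_200 = struct.pack(">IIIHB", 0x48545450, 0x2F312E31,
                       0x20323030, 0x204F, 0x4B)  # b"HTTP/1.1 200 OK"


def payload_offset(tcp_segment: bytes) -> int:
    """(tcp[12:1] & 0xf0) >> 2: the data-offset nibble counts 32-bit words,
    so shifting right by 2 instead of 4 yields the header length in bytes."""
    return (tcp_segment[12] & 0xF0) >> 2


def http_clause_matches(tcp_segment: bytes) -> bool:
    """Evaluate the three tcp[...] clauses: payload starts with GET, POST or a 200 reply."""
    if len(tcp_segment) < 20:          # shorter than a minimal TCP header
        return False
    payload = tcp_segment[payload_offset(tcp_segment):]
    return payload.startswith((GET, POST, HTTP_200))


def make_segment(payload: bytes, options: bytes = b"") -> bytes:
    """Build a constructed TCP segment; ports, sequence and window are sample values."""
    if len(options) % 4:
        raise ValueError("TCP options must be padded to a multiple of 4 bytes")
    words = 5 + len(options) // 4      # 20-byte base header plus options
    header = struct.pack(">HHIIBBHHH", 40000, 80, 1, 0,
                         words << 4, 0x18, 65535, 0, 0)
    return header + options + payload


if __name__ == "__main__":
    nops = b"\x01" * 12                # 12 bytes of NOP options -> 32-byte header
    for name, seg in [
        ("GET, no options", make_segment(b"GET / HTTP/1.1\r\n")),
        ("POST, with options", make_segment(b"POST /a HTTP/1.1\r\n", nops)),
        ("200 response", make_segment(b"HTTP/1.1 200 OK\r\n")),
        ("404 response", make_segment(b"HTTP/1.1 404 Not Found\r\n")),
        ("bare ACK", make_segment(b"")),
    ]:
        print(f"{name:20} offset={payload_offset(seg):2} match={http_clause_matches(seg)}")
```

Only `HTTP/1.1 200 OK` responses match the third clause, so other status codes and HTTP/1.0 replies never reach `tcpdump.txt`.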

1 Answer

1

Yes, it's possible. It won't cause conflicts at all.