LEDE/OpenWRT — TCPDump to Wireshark

LEDE/OpenWrt & IoT
Published in
2 min readSep 21, 2016


Learn how to set up tcpdump on your LEDE/OpenWRT device to communicate with Wireshark, allowing you to view the traffic on your home network.

This post will focus specifically on the steps you need to run on your LEDE/OpenWRT device to drive the data into Wireshark, and so assumes that you already have Wireshark running on another computer.

SSH to your LEDE/OpenWRT device

If you are using Windows then start PuTTY and click Session on the left side, select SSH from the options, and then enter in the IP Address of your LEDE/OpenWRT box into the Host Name field.

Once you’ve done this just click on Open to start up the SSH connection.


If you are connecting via terminal, then just SSH to your LEDE/OpenWRT device using the following command, where is your LEDE/OpenWRT device’s IP address.

ssh root@


First up we need to make sure tcpdump is installed on your device. Run the following commands:

opkg update
opkg install tcpdump


Once you have tcpdump installed you just need to run the following to start piping the data into Wireshark:

"tcpdump -i br-lan -U -s0 -w - host" | wireshark -k -i -

This will pipe the captured packets related to the address

Change this address relative to what data you want to capture.

If you found this post helpful please let us know by clicking the ♥ below.

This blog was brought to you by Cucumber WiFi. Cucumber helps you run a more efficient WiFi network. Check it out here.

Cucumber WiFi — control any (WiFi) device from the cloud.



LEDE/OpenWrt & IoT

An orchestration tool for WiFi devices — Manage your networks from a single-pane of glass.