I want to have tcpdump write raw packet data into a file and also display packet analysis into standard output as the packets are captured (by analysis I mean the lines it displays normally when -w is missing).
Can anybody please tell me how to do that?
Here's a neat way to do what you want:
tcpdump -w - -U | tee somefile | tcpdump -r -
What it does:
-w - tells tcpdump to write binary data to stdout
-U tells tcpdump to write each packet to stdout as it is received, rather than buffering them and outputting in chunks
tee writes that binary data to a file AND to its own stdout
-r - tells the second tcpdump to get its data from its stdin
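
An added example, not part of the answer above and not tcpdump's own code: this Python script plays the role of the tee stage and the reading tcpdump in one process, showing that the saved file receives the stream byte for byte while each packet record is decoded as it arrives. The names `tee_pcap` and `build_sample` are hypothetical, the sample capture is constructed, and only the classic pcap format with microsecond timestamps is assumed (not pcapng).

```python
import struct

# Magic bytes of the classic pcap file header, mapped to struct byte order.
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}


def _read_exact(stream, n, at_boundary=False):
    """Read exactly n bytes. At a record boundary a clean EOF returns None."""
    buf = b""
    while len(buf) < n:
        chunk = stream.read(n - len(buf))
        if not chunk:
            if at_boundary and not buf:
                return None
            raise EOFError("stream ended inside a pcap header or packet")
        buf += chunk
    return buf


def tee_pcap(src, savefile):
    """Copy a pcap stream to savefile; yield (timestamp, caplen, wirelen) per packet."""
    header = _read_exact(src, 24, at_boundary=True)
    if header is None or header[:4] not in PCAP_MAGICS:
        raise ValueError("input is not a classic pcap stream")
    endian = PCAP_MAGICS[header[:4]]
    savefile.write(header)
    while True:
        rec = _read_exact(src, 16, at_boundary=True)
        if rec is None:
            return  # capture ended cleanly between packets
        sec, usec, caplen, wirelen = struct.unpack(endian + "IIII", rec)
        data = _read_exact(src, caplen)
        savefile.write(rec + data)
        savefile.flush()  # per-packet flush, the file-side analogue of -U
        yield sec + usec / 1e6, caplen, wirelen


def build_sample():
    """Constructed two-packet capture (dummy payload bytes, not real traffic)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, payload in ((1, b"\x00" * 14), (2, b"\x11" * 20)):
        out += struct.pack("<IIII", sec, 500000, len(payload), len(payload))
        out += payload
    return out


if __name__ == "__main__":
    import io
    saved = io.BytesIO()
    for ts, caplen, wirelen in tee_pcap(io.BytesIO(build_sample()), saved):
        print(f"{ts:.6f} captured {caplen} of {wirelen} bytes")
```

To run it behind a live capture, pass `sys.stdin.buffer` as `src` and a file opened in `"wb"` mode as `savefile`; a stream cut off mid-packet raises `EOFError` after the complete packets before it have been saved.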