TCDump Missing packets

wifi tcpdump

We use TCPDump on an RPI to capture WiFi signals from nearby devices as a means to get an estimate of number of people.

We have notice the on "normal" days the numbers are reasonably accurate but for a couple of times where we had much larger numbers of people the counted devices are no where close to what should be counted.

I have read a couple of articles saying the default buffer size may be to low for when we see large numbers of devices and will need to be increased. Does thsi sound correct and if so any idea on what size buffer would be a good place to start?


The Raspberry Pi 3B's network bandwidth (wired and wireless) is less than half the bandwidth of the saturated network, so if it gets busy, the pi will drop packets.

As the other answer suggests, you might be better off using another tool to get a machine count. Possible sources would be:

  • ARP tables on the pi (maybe -- and this data times out in ~5 minutes)
  • dhcp logs (from the router?)
  • NAT gateway logs

Related

iptables-legacy cannot load NFQUEUE targets and the --queue-num and --queue-bypass options are unknown options
Where BIND9 saves its cache?
How to view all users and groups in AD without logging onto the DC?
load balancer mark "unhealty" new group member instance (ubuntu) after dist-upgrade
stop IPTABLES from prerouting to local IPs
In-place upgrade Server 2012 R2 to Server 2019 promised, but not available?
Can an iPad 2020 be connected to a USB-C monitor?
Photos smart album for photos with no people at all
iOS - Move Apps from Spotlight Search to Home Screen?
Add currently playing song to Apple Music using AppleScript Editor
Create keyboard shortcuts for touch bar's functions
How to use Macbook pro in clamshell mode with lid open on macos mojave?