Reset Search



KB44358 - Obtain or record a packet capture (tcpdump) from an iOS device

« Go Back


Last Modified Date2/9/2020 4:06 PM
This article provides instructions to obtain or record a packet capture (tcpdump) from an iOS device.
Problem or Goal
Under some circumstances, a packet capture from an iOS device can be helpful to understand problem, but there is no app that will let you record a packet capture directly on the device.


  1. Macbook with Xcode installed
  2. Lighting cable to connect iPhone to Macbook
  3. Wireshark


  1. Make sure Macbook has the latest Xcode version installed
  2. Connect iPhone to Macbook with the lighting cable
  3. From the Macbook, open Xcode app
  4. From the top menu, select Window > Devices and Simulators
  5. From the left pane, select the iPhone device
User-added image
  1. In the right pane, find the identifier of iPhone and copy to clipboard
  2. Open a terminal window and navigate to /Library/Apple/usr/bin
  3. Execute the following command:
./rvictl -s <identifier of iPhone>

Starting device XXXXX [SUCCEEDED] with interface rvi0
  1. Open Wireshark.
  2. Under Capture menu, locate and double click the rvi interface.  In this example, it is rvi0.
User-added image
  1. Replicate the issue and save the tcpdump
  2. Once completed, make sure to remove the rvi interface by running the following command:
./rvictl -x <identifier of iPhone>

Stopping device XXXX [SUCCEEDED]
Related Links
Attachment 1 
Created ByK. Kitajima



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255