tcpdump mailing list archives
Re: How to daemonize tcpdump
From: Guy Harris <guy () alum mit edu>
Date: Fri, 23 May 2008 18:52:06 -0700
On May 23, 2008, at 12:44 PM, Chris Pawelko wrote:
> Has anybody heard of or had run tcpdump as a daemon? If so are there any instructions?

"Run[ning] tcpdump as a daemon" is too general of an operation to have a single simple set of instructions; do you want to have:

  a daemon that starts up at boot time and captures from a particular interface, with a particular filter, writing binary data to a particular file;

  a daemon that you can connect to and ask it to start a capture on a specified interface, with a specified filter, writing to a specified file;

etc.?

The first of those would probably be easy to do on various UN*Xes, by having the daemon "program" be a script that runs tcpdump with the appropriate -i, -s, and -w flags and filter argument.

The second of those would be more work, as you'd need a daemon to handle the "accept a connection, parse whatever request you send it, and run tcpdump" - unless you decide, for example, that the daemon's name should be "sshd". :-)
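
A sketch of the first option described in the message above (a script that runs tcpdump with -i, -s, -w and a filter), added here as an example and not part of the original message. The interface, paths, filter, account name, the use of tcpdump's -Z option to give up root, and the function names are all assumptions.

```shell
#!/bin/sh
# Added example: boot-time capture wrapper. Every default below is an assumption.
IFACE="${IFACE:-eth0}"              # -i: interface to capture on
SNAPLEN="${SNAPLEN:-96}"            # -s: bytes saved per packet
OUTDIR="${OUTDIR:-/var/log/pcap}"   # directory holding the -w savefile
FILTER="${FILTER:-not port 22}"     # filter expression (constructed sample)
RUN_AS="${RUN_AS:-tcpdump}"         # -Z: account tcpdump switches to
PIDFILE="${PIDFILE:-/var/run/tcpdump-capture.pid}"

# Validate the settings, then print the command line one argument per line.
build_capture_cmd() {
    case "$IFACE" in
        ''|-*|*[!A-Za-z0-9._:-]*) echo "bad interface: $IFACE" >&2; return 1 ;;
    esac
    case "$SNAPLEN" in
        ''|*[!0-9]*) echo "bad snaplen: $SNAPLEN" >&2; return 1 ;;
    esac
    case "$OUTDIR" in
        /*) ;;
        *) echo "output directory must be absolute: $OUTDIR" >&2; return 1 ;;
    esac
    printf '%s\n' tcpdump -i "$IFACE" -s "$SNAPLEN" -Z "$RUN_AS" \
        -w "$OUTDIR/$IFACE.pcap" "$FILTER"
}

start_capture() {
    cmd=$(build_capture_cmd) || return 1
    # -Z drops privileges before the savefile is opened, so the directory
    # must belong to RUN_AS; umask 077 keeps captures unreadable by others.
    umask 077
    mkdir -p "$OUTDIR" && chown "$RUN_AS" "$OUTDIR" || return 1
    old_ifs=$IFS; IFS='
'
    set -f; set -- $cmd; set +f; IFS=$old_ifs   # split on newlines only
    nohup "$@" </dev/null >/dev/null 2>&1 &
    echo $! > "$PIDFILE"
}

stop_capture() {
    [ -r "$PIDFILE" ] && kill "$(cat "$PIDFILE")" && rm -f "$PIDFILE"
}

# Run only when asked to, e.g. from an init script: capture.sh start
case "${1:-}" in
    start) start_capture ;;
    stop)  stop_capture ;;
esac
```

The script does nothing unless called with `start` or `stop`, so the boot system decides when the capture runs and the settings can be overridden through the environment.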