Wireshark mailing list archives
Re: remote capture framework
From: Morty <morty+wireshark () frakir org>
Date: Thu, 13 May 2010 23:06:04 -0400
On Thu, May 13, 2010 at 04:54:34PM -0700, Phil Paradis wrote:
If you're running on Linux, you can just create an init script to start dumpcap at boot. I'm not sure about the timestamp issue; all of our capture boxes are Windows-based
[snip]
You'd probably need a cron job to clean up the orphaned buffer files from system reboots though.
I am indeed running on Linux. Thanks for the dumpcap and timestamp pointers! It should be possible to save the need to clean the buffer files at boot and also improve performance by writing to a ramdisk FS, such as a tmpfs or ramfs. Not sure that I actually want it kicked off at boot, though. For our environment, might be better if people could specify their packet filters and start captures on-demand. - Morty ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- remote capture framework Morty (May 13)
- Re: remote capture framework Phil Paradis (May 13)
- Re: remote capture framework Morty (May 13)
- Re: remote capture framework Phil Paradis (May 14)
- Re: remote capture framework Morty (May 14)
- Re: remote capture framework Morty (May 13)
- Re: remote capture framework Morty (May 17)
- Re: remote capture framework Phil Paradis (May 13)
- Re: remote capture framework Max P (May 13)
- Re: remote capture framework Morty (May 13)
- Re: remote capture framework Max P (May 14)
- Re: remote capture framework Morty (May 13)