Wireshark mailing list archives

Re: dumpcap -f question [Re: Can I get Wireshark to capture constantly, but not count to infinity ?]

From: Phil Paradis <Phil.Paradis () unitedtote com>
Date: Tue, 24 Aug 2010 17:52:07 -0700


On Aug 24, 2010, at 7:52 PM, Gregorio Tomas Focaccio wrote:

I ran dumpcap -D to get: 1. eth0 2. wlan0 3. tap0 4. br0 5. eth1 6. usbmon1 (USB bus number 1) [etc.]  So, here is 
what I hope the command: dumpcap -b files:5 -i 4 -c 16500 -w 915PBLbr0


You should be able to put the interface name directly into the command line, e.g.

dumpcap -i br0 ... 

instead of 

dumpcap -i 4 ...

2. Captures 16,500 packets (for an individual capture file size less than 25M assuming 1500 byte MTU) in each file


-c will cause the capture to terminate when the limit is reached; it will not roll over to the next file. If you want 
to restrict the size of each file to 25MB, use '-b filesize:25600' instead.


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

dumpcap -f question [Re: Can I get Wireshark to capture constantly, but not count to infinity ?] Gregorio Tomas Focaccio (Aug 24)
- Re: dumpcap -f question [Re: Can I get Wireshark to capture constantly, but not count to infinity ?] Guy Harris (Aug 24)
- Re: dumpcap -f question [Re: Can I get Wireshark to capture constantly, but not count to infinity ?] Phil Paradis (Aug 24)
- Re: dumpcap -f question [Re: Can I get Wireshark to capture constantly, but not count to infinity ?] Jeff Morriss (Aug 25)