Re: Reliability?

[Guy Harris <guy () alum mit edu>]

On Feb 19, 2010, at 4:35 AM, Boaz Galil wrote:

> Is there a way to know when the machine will run out of memory? (for example running Tshark for 1 hour = leak XMB.. 
> or something like that.)

No.  The amount of memory it accumulates depends on the traffic.

> tcpdump is not part of the wireshark package,

Unless you're running on Windows, a random machine is, I suspect, more likely to have tcpdump on it than Wireshark.  
Several UN*Xes (*BSD, Mac OS X) come standard with tcpdump, and some other UN*Xes (at least some Linux distributions) 
include packages for both and *might* install tcpdump but not Wireshark by default.  (On Windows, you'd have to 
download and install Wireshark *or* WinDump.)

> is there any solution for long packet capture with wireshark package?

To quote my earlier message:

> The way to avoid that issue is not to use Wireshark or TShark to do long-running captures, and to use dumpcap instead.

dumpcap *is* part of the Wireshark package (it's what Wireshark and TShark run in order to do capturing).
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe