Wireshark · Ethereal-users: [Ethereal-users] Using Ethereal for long tests

Ethereal-users: [Ethereal-users] Using Ethereal for long tests

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Vipin Palawat" <vpalawat@xxxxxxxxx>

Date: Tue, 23 Oct 2001 15:06:28 -0400

Hi All,

I am using Ethereal Sniffer and I want to thank all of the developers
and contributors for this great tool.

I am having couple of questions about Ethereal :

1) What are the recommended settings if I want to use Ethereal for a day
long test.
   It seems to work ok for some time and then stops Sniffing. I guess this
has something
   to do with configuration or filters. I can see a large number of packets
sniffed before
   it stops sniffing.
   FYI : I just want to Sniff H.323 protocol packets coming in and going out
on the machine
   I am runninf Ethereal. I used the following filters:
   A) Capture Filter : "ether proto \ip"
   B) Display Filter : "h225||h245"

2) How can I specify the max. size of files and max. no. of files so that my
machine doesn't
   run out of disk space.

3) I am trying to capture a corrupted message. Can I write some kind of
filter which will *only*
   capture the error messages or corrupted message ??

Thanks for your help.

Best Regards,
Vipin

Follow-Ups:
- Re: [Ethereal-users] Using Ethereal for long tests
  - From: Guy Harris

References:
- Re: [Ethereal-users] No interfaces listed on NT workstation
  - From: Guy Harris

Prev by Date: Re: [Ethereal-users] GRE malformed packet
Next by Date: Re: [Ethereal-users] Using Ethereal for long tests
Previous by thread: Re: [Ethereal-users] No interfaces listed on NT workstation
Next by thread: Re: [Ethereal-users] Using Ethereal for long tests
Index(es):
- Date
- Thread