Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: Re: [Wireshark-users] DumpCap and Multiple Files

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Tue, 04 Jul 2006 20:29:39 +0200

Shlomo Taub wrote:
Thanks for the pointer - this is exactly the problem which I have been having. (Having tested further, it looks like the restarts may have been a red herring.) 

What is the purpose of -a along with -b?
You may have a look at the manpage/HTML page about dumpcap. If you can't find one, use http://www.ethereal.com/docs/man-pages/ethereal.1.html instead, as the meaning of these parameters are the same for dumpcap and Ethereal.
Simplified: -a specifies when to stop the whole capture process while -b is the criteria when to switch to a new file. 

Regards, ULFL
  • References:
    • Re: [Wireshark-users] DumpCap and Multiple Files
      • From: Shlomo Taub
  • Prev by Date: Re: [Wireshark-users] How to enable h248 dissector for Ethereal trace H.248.1 v1 BER (ip:udp:h248) ?
  • Next by Date: Re: [Wireshark-users] Ethereal packet flow understanding
  • Previous by thread: Re: [Wireshark-users] DumpCap and Multiple Files
  • Next by thread: Re: [Wireshark-users] DumpCap and Multiple Files
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation