Wireshark · Wireshark-dev: [Wireshark-dev] Bug with "-a duration" in tshark/dumpcap

Wireshark-dev: [Wireshark-dev] Bug with "-a duration" in tshark/dumpcap

From: "Hirsch, Christian" <Christian.Hirsch@xxxxxxxxxxx>

Date: Fri, 9 Feb 2007 08:00:15 +0100

Title: Bug with "-a duration" in tshark/dumpcap

Hi Comunity,

for traffic post analysis I used crontab to start dumpcap every 10 minutes and the options "-w $date$outname -a duration:600".

The problem is, that if there is noch traffic on the wire, the process will never be closed and hangs till it sees some IP-Packets.

This causes the machine to start every 10 minutes a new process which will never close till the machine crash because of too much processes.

The best solution would be that tshark/dumpcap writes a files and if leave it empty.
After the given duration it should be forced to stop the capture process even if there was no traffic on the wire.
Maybe somebody can support me by change the source.

Thanks in advance
Christian

Follow-Ups:
- Re: [Wireshark-dev] Bug with "-a duration" in tshark/dumpcap
  - From: Jeff Morriss

Prev by Date: [Wireshark-dev] PATCH for DHCP option 125 DSL Forum TR-111 suboptions
Next by Date: Re: [Wireshark-dev] First MSVC2005EE build - very smooth - thank you
Previous by thread: Re: [Wireshark-dev] PATCH for DHCP option 125 DSL Forum TR-111 suboptions
Next by thread: Re: [Wireshark-dev] Bug with "-a duration" in tshark/dumpcap
Index(es):
- Date
- Thread