Hi,
one of my customers in using dumpcap (on Windows) like this:
> dumpcap -i X -w data/dump.pcap -b filesize:10000 -b files:100
(where X is the index of the right capture interface.)
This should turn on a max of 100 files * 10000KB = 1GB of maximum used
disk space.
He notes that:
<quote>
We have started the tests as indicated. Initially the filesize was
increasing in a proper manner, i.e. I checked at intervals and it was
for example, 1MB, 4MB, 6MB etc...
However after some time, I checked the filesize again, and found a
number of files with a size of approximately 100 bytes each (1KB size on
disk), which I'm attaching for your comments.
</quote>
Actually, these files contain a *single* (entire) packet!
Anybody knowing what's going on here?
Is this a known bug and can something be done about it?
thanks,
Lars
