I'm running CentOS 5.0 X64 on all these hosts.
#uname -a
Linux lmon1.mia1.plx 2.6.18-8.1.15.el5 #1 SMP Mon Oct 22 08:32:28 EDT 2007 x86_64 x86_64 x86_64 GNU/Linux
No matter how it exits it leaves
these files behind. I pasted this in a previous email but even just running it like this:
#tshark -ni eth5 -c 5
It captures 5 packets then exists cleanly leaving the temp file behind. If I don't use the count
and just ^C it leaves them behind as well.
Thanks,
Dan
On Sun, Jul 20, 2008 at 11:28 PM, Stephen Fisher <
stephentfisher@xxxxxxxxx> wrote:
On Sat, Jul 19, 2008 at 12:26:46PM -0400, Dan Murphy wrote:
> Am I the only person that has reported this behavior or the only
> person that it's actually become an issue for? Is this the expected
> behavior of tshark?
Wireshark/tshark is supposed to clean up these temporary files after it
is done with them. They've been a part of Wireshark/Ethereal for a long
time, including version 0.99.5. I don't see the problem on my system,
although it is saving the temporary files into /var/tmp instead of /tmp
as in your case. How are you terminating tshark? A ^C for me allows
for the cleanup of the temporary file. What type of Unix are you
running?
Steve
