Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: TCPdump script
Top Forums Shell Programming and Scripting TCPdump script Post 302504866 by LivinFree on Tuesday 15th of March 2011 04:00:07 PM
Old 03-15-2011
What worries me is by the end of the day you'll have a bunch of tcpdump processes running, unless you go in and kill them off.

tcpdump might do what you want it to do, needing a script only to start it once per day and stop it once per day. Check 'man tcpdump', specifically for the "-G" and "-w" options.

Also beware logging that much traffic on a busy system. There's no guarantee that you catch every packet, and the chance that you fill you filesystem in short order.

Edit: It looks like the -G option doesn't show up until version 4.0.0 - something like this should work in that version, but I can't test it at the moment:
Code:
# tcpdump -s2000 -w'flowroute-%H%M.pcap' -G900 -W36

Then you'd just need to schedule it to start at 08:00, and it should finish on its own at 17:00. As pointed out above, you'll want to wrap it in a small script for the date handling and to log the output.
Last edited by LivinFree; 03-15-2011 at 05:15 PM..
 

10 More Discussions You Might Find Interesting

1. Programming

How To Use tcpdump

I have two net-card. one is 172.16.24.99(ENG) ,another is 172.16.25.99(ENG-B). Both masks is 255.255.255.0. I will monitor data on the tcp port 8055 in ENG, How do I set option of tcpdump command (2 Replies)
Discussion started by: chenhao_no1
2 Replies

2. UNIX for Dummies Questions & Answers

tcpdump

does anybody know what the -d -dd and -ddd options are used for ? thanks (2 Replies)
Discussion started by: ant04
2 Replies

3. Cybersecurity

i would like to know about tcpdump

i would like to know about tcpdump i would like to use tcpdump to get information about these - Date - time - source hostname - source mac address - source ip address - destination ip address - see outbound only then i use command like this tcpdump -i le0 -n -q -tttt -e src net... (0 Replies)
Discussion started by: chamnanpol
0 Replies

4. IP Networking

i would like to know about tcpdump

i would like to know about tcpdump i would like to use tcpdump to get information about these - Date - time - source hostname - source mac address - source ip address - destination ip address - see outbound only then i use command like this tcpdump -i le0 -n -q -tttt -e src net... (2 Replies)
Discussion started by: chamnanpol
2 Replies

5. Shell Programming and Scripting

Help with script, trying to get tcpdump and rotate the file every 300 seconds

Greetings, I just started using scripting languages, im trying to get a tcpdump in a file, change the file name every 5mins ... this is what i have but its not working ... any suggestions? #!/bin/bash # timeout.sh #timestamp format TIMESTAMP=`date -u "+%Y%m%dT%H%M%S"` #tdump =`tcpdump... (3 Replies)
Discussion started by: livewire
3 Replies

6. Shell Programming and Scripting

write a script to parse some tcpdump output

i am trying to write a script to parse some tcpdump output, in each line of the tcpdump output, I know for sure there are 3 keywords exist: User{different usernamehere} NAS_ipaddr{different ip here} Calling_station{ip or dns name here} But the positions for these 3 keywords in the... (4 Replies)
Discussion started by: fedora
4 Replies

7. Shell Programming and Scripting

tcpdump script to parse "packers captured" details

I want a script that would do as:- a) gives me packet capture account for each time it runs. b) be able to run at a particular time for specific period time duration (1 min). c) for each time it runs it saves the time / day. Is there a way where i can capture the details as seen in the... (2 Replies)
Discussion started by: lazerz
2 Replies

8. Debian

Tcpdump Help !

Hi. Need Help with TcpDump Trying to sniff associatio-request with tcpdump but when i run this tcpdump -i eth0 wlan subtype assoc-req i get this error can anyone help me with this error ? Thanks alot !!:) (1 Reply)
Discussion started by: SoulZB
1 Replies

9. IP Networking

TCPdump

I've recently started learning to use TCPdump, and I find it pretty interesting. There's one thing I don't understand. When I tell it to capture packets on, say, the WiFi interface en1, it often captures packets sent or received by other hosts on the network. How can it do this? My... (3 Replies)
Discussion started by: Ultrix
3 Replies

10. Shell Programming and Scripting

Tcpdump on many machines from single script

Hi all, new to the forum and rusty with my scripting. I am trying to put together a quick and dirty script that will kickoff a tcpdump on multiple machines. Then, another script that will reach out (at a later time) to stop the processes and retrieve the data. It seems fairly easy conceptually... (2 Replies)
Discussion started by: k9sar
2 Replies
All times are GMT -4. The time now is 04:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy