Sunday, May 1, 2016

Rotating traffic captures using tcpdump

To avoid creating large traffic captures using tcpdump, there are couple of interesting switches in tcpdump command which enable one to create rotating traffic captures, compress it on the fly etc.

ni :specifies the network interface on which to capture traffic
-s :; indicates a capture of the full size of the packet
-vvv : verbose
-w  :  indicates the file name and location in which the capture will be saved
-C  :  indicates the size of each file, after reaching this size file will be rotated
-W  :  indicates the number of files that will be stored
-z  :  to compress the file

For example,

tcpdump -ni eth1 -C 20 -z gzip -w /tmp/trace.pcap

 This would create a file named trace.pcap...trace.pcapX. After 20MB of data, (-C 20) tcpdump would create a file named trace.pcapX and so on. and compress the capture files after tcpdump finished writing to them.

tcpdump -pni eth0 -s0 -C 100 -W 10 -w /tmp/capture

 In this example, tcpdump starts capturing into capture1 until it reaches capture10. When it filled up capture10 with 100MB of data, it starts again, overwriting capture1. This way, your captures
will never use more then 1000MB of disk space.

Posted by at

7 comments:

  1. SuseelaJune 11, 2016 at 4:34 AM


    Everything is fine, am happy about your blog. Thanks admin for sharing the unique content, you have done a great job I appreciate your effort and I hope you will get more positive comments from the web users.

    SEO Company in Chennai

    ReplyDelete
  2. Ancy merinaFebruary 20, 2018 at 11:45 PM

    This comment has been removed by the author.

    ReplyDelete
  3. ShloserJune 6, 2019 at 3:28 AM

    Any idea how to overwrite already compressed files?

    ReplyDelete
  4. VAHİT ALTINJuly 9, 2021 at 5:17 AM

    adana escort - adıyaman escort - afyon escort - aksaray escort - antalya escort - aydın escort - balıkesir escort - batman escort - bitlis escort - burdur escort - bursa escort - diyarbakır escort - edirne escort - erzurum escort - eskişehir escort - eskişehir escort - eskişehir escort - eskişehir escort - gaziantep escort - gebze escort - giresun escort - hatay escort - ısparta escort - karabük escort - kastamonu escort - kayseri escort - kilis escort - kocaeli escort - konya escort - kütahya escort - malatya escort - manisa escort - maraş escort - mardin escort - mersin escort - muğla escort - niğde escort - ordu escort - osmaniye escort - sakarya escort - samsun escort - siirt escort - sincan escort - tekirdağ escort - tokat escort - uşak escort - van escort - yalova escort - yozgat escort - urfa escort - zonguldak escort

    ReplyDelete
  5. AnonymousOctober 15, 2021 at 12:12 AM

    Committing

    Thanks for sharing this post because this very useful and informative thanks again !!

    Bulk SMS Services in Delhi

    seo services company delhi

    ReplyDelete
  6. UnknownMay 16, 2022 at 6:54 PM

    perde modelleri
    numara onay
    mobil ödeme bozdurma
    HTTPS://NFTNASİLALİNİR.COM
    Ankara Evden Eve Nakliyat
    Trafik Sigortası
    DEDEKTÖR
    kurma websitesi
    Ask romanlari

    ReplyDelete
  7. UnknownMay 27, 2022 at 1:01 AM

    SMM PANEL
    smm panel
    Https://isilanlariblog.com
    instagram takipçi satın al
    hirdavatciburada.com
    beyazesyateknikservisi.com.tr
    SERVİS
    tiktok jeton hilesi

    ReplyDelete

Subscribe to: Post Comments (Atom)