Should be simple enough to write a small perl script that you can run out of
cron to trigger tethereal that does similar to below, but slightly cleaner:
just do something like:
if ( $childpid = fork )
{
system("run tethereal cmd you want");
exit;
}
sleep(6*60*60); # 6 hours
kill 9, $childpid;
I'm sure you could do something nicer, but that's the basic approach. No
sense in having the perl script stay running that whole time/etc unless
you're going to process tethereal output with the perl script.
-- Nathan
> -----Original Message-----
> From: Guy Harris [mailto:gharris@xxxxxxxxxxxx]
> Sent: Friday, December 22, 2000 3:38 PM
> To: Jae Kim
> Cc: 'ethereal-users@xxxxxxxxxxxx'
> Subject: Re: [Ethereal-users] Is ethereal schedulable ?
>
>
> On Fri, Dec 22, 2000 at 11:39:01AM -0800, Jae Kim wrote:
> > Hi, I am newbie to ethereal.
> > I was wondering if ethereal could be scheduled to do the
> batch of tasks.
> > For example, if I set it to start capturing packets every
> morning at 8 AM
> > till 5 PM and save it to the file.
> > Is this possible with ethereal ?
>
> It *might* be possible with Tethereal, at least on some platforms, but
> it's not possible with Tethereal by itself.
>
> At least on a UNIX system, you could use "cron" to start running
> Tethereal (you want Tethereal, not Ethereal, for an automated
> task such
> as this) at approximately 8AM (you could create a cron job to start it
> at 8AM, but there's no guarantee that the capture would start
> *exactly*
> at 8AM, as it'd take some time for "cron" to start running Tethereal,
> and some time for Tethereal to start up.
>
> To stop the capture, you'd have to somehow arrange to save the process
> ID of the Tethereal process to a file - for example, have the cron job
> not run Tethereal directly, but run a script such as
>
> tethereal -i fxp0 -w /usr/jaekim/capture-file.pcap &
> echo $! >/usr/jaekim/tethereal.pid
>
> which would run "tethereal", capturing from the "fxp0" network
> interface, and writing to the file "/usr/jaekim/capture-file.pcap", in
> the background, and would then write the process ID of the
> most recently
> started background process - i.e., the Tethereal process - to the file
> "/usr/jaekim/tethereal.pid".
>
> You would then have *another* cron job that, at 5PM, did
>
> kill -INT `cat /usr/jaekim/tethereal.pid`
>
> which means it'll send a SIGINT signal - which is the signal that a ^C
> from the keyboard sends - to the process whose process ID is
> in the file
> "/usr/jaekim/tethereal.pid", i.e. to the Tethereal process. Tethereal
> catches the SIGINT signal, and closes the capture file and exits.
>
> If you're running Windows, it may or may not be possible; there's an
> "AT" service on Windows NT that might be able to run programs at
> particular times, but I don't know whether there's any way to do the
> equivalent of the
>
> kill -INT `cat /usr/jaekim/tethereal.pid`
>
> to make Tethereal think somebody typed ^C at it.
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>