Hi Francis,
> Its possible to capture traffic in a 20Mo files and than if its bigger it create a new file?
Yes, you can use the -b filesize:x option. That way tethereal makes
capturefiles of x kilobyes (actually x times 1000 bytes).
> After i want to run a contab to delete files older than 2 days in directory...
If you are worried about running out of space, you can also use the
-b files:y option to make a ring-buffer of files. That way only y files
will be kept and the earlier ones will be deleted. This means that if
traffic increases unexpectedly, you still don't run out of disk-space.
> Some one can help me?
putting it all together, to capture files of 1000000 bytes and only
keeping three at a time would result in:
tethereal -w test.cap -b filesize:1000 -b files:3 &
This would leave you with the following files after a while:
$ ls -l *cap
-rwx------+ 1 blok None 1024402 Feb 17 09:51 test_00008_20060217095109.cap
-rwx------+ 1 blok None 1025438 Feb 17 09:51 test_00009_20060217095113.cap
-rwx------+ 1 blok None 499712 Feb 17 09:51 test_00010_20060217095117.cap
Please also notice the serial number and time that ethereal has added in
the filename before the extension :)
I hope this helps...
Sake