Hirsch, Christian wrote:
Hi Comunity,
for traffic post analysis I used crontab to start dumpcap every 10
minutes and the options "-w $date$outname -a duration:600".
The problem is, that if there is noch traffic on the wire, the process
will never be closed and hangs till it sees some IP-Packets.
This causes the machine to start every 10 minutes a new process which
will never close till the machine crash because of too much processes.
The best solution would be that tshark/dumpcap writes a files and if
leave it empty.
After the given duration it should be forced to stop the capture process
even if there was no traffic on the wire.
Maybe somebody can support me by change the source.
The problem you describe is tracked by bug 992:
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=992
The problem with solving it has been discussed on the -dev list before
though I couldn't find the thread this morning.