On Aug 19, 2009, at 12:14 AM, T. Hariharan wrote:
Add an option to stop the capture when the given filter is matched.
Wireshark doesn't have such a feature. However, one of the developers
wrote a program that isn't compiled by default in the root wireshark
directory called trigcap.c for "a simple triggered libpcap-based
capture agent". You may want to take a look at this to get ideas on
how to implement the new feature.
(Sorry if the threading broke, I'm didn't CC the list on the original
reply)
Steve