Good afternoon:
I have a question about the temp files that wireshark/tshark creates in /tmp/wiresharkXXXXX*.
In version 1.0.15 these temp files are not generated, however in version 1.2.15 they are, and we don't want any temp files left over. Nor do I want to have to run a cron script to delete these daily.
Any idea why I am seeing this behavior in these two versions? They both allow the -w flag, however we are not using this flag to control output to file.
I see that we may need to use -b <caption ring bugger option> option which should discard temp files once they fill up the buffer, and generate new ones after.