On Jan 14, 2010, at 2:57 AM, Hrishikesh Murali wrote:
> On Thu, Jan 14, 2010 at 5:20 AM, Dai Nish <dai_nish@xxxxxxxxxxx> wrote:
>
>> Please advise me how you could start Wireshark automatically and use it to monitor network traffic at each boot-up.
>
> Just add the line "wireshark&" to /etc/rc.local
...if you're running on a UN*X with an /etc/rc.local. That obviously won't help on Windows.
Note that the X server must be running *before* Wireshark is started, as it's an X11-based application on UN*X.
As others have noted, it's not clear that Wireshark - or even the non-GUI TShark - would be the right tool for this purpose. If somebody wants to record network *usage*, even running dumpcap or "tcpdump -w" might be overkill - capturing traffic won't just give them the amount of network traffic, it'll give you the full *contents* of the network traffic, so if they use, for example, 250GB/month of network traffic, capturing that traffic will consume at least 250GB/month of disk space....