Wireshark-users: Re: [Wireshark-users] large capture files

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Abbhishek Misra <abhishekfishy2000@xxxxxxxxx>
Date: Tue, 10 Apr 2012 21:09:14 +0530
Thanks Chris, this is going well.

On Tue, Apr 10, 2012 at 7:03 PM, Christopher Maynard <christopher.maynard@xxxxxxxxx> wrote:
Abbhishek Misra <abhishekfishy2000@...> writes:

> I'm using wireshark to capture wifi packet. 
> When capture is run for long duration,  say 70k+ plus packets, wireshark hangs.
>
> Please let me know what method should be used for large captures.

Try using dumpcap[1] instead, then post-analyze the capture file(s) with
Wireshark afterwards.  Using dumpcap will avoid any potential out-of-memory[2]
problems that can occur with long-running captures.

- Chris

[1]: http://www.wireshark.org/docs/man-pages/dumpcap.html
[2]: http://wiki.wireshark.org/KnownBugs/OutOfMemory


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe