I love Wireshark and how easy it is to use, but it keeps crashing on me, so I guess I have to look to something less intensive. I went to tcpdump and figured out how to run it so it will create a file every 20MB, just like Wireshark did, for up to 1000 files (so 1Gig worth of data). Here is the command I used:

# -C is given in units of 1,000,000 bytes, so 20 rotates at about 20 MB; -W 1000 keeps at most 1000 files
sudo tcpdump -i eth0 -nnvv -w /home/hosangit/captures/ustrocapture.log -W 1000 -C 20

Reference: tcpdump man
