I've been using tcpdump without any issues before this error popped up. I use the following two commands with variations as soon as my server is attacked so the packets automatically get dumped if the packet rate is high.
tcpdump -i eth0 -p -nn -s0 -c 2000 -w $dumpdir/dump.`date +"%Y%m%d-%H%M%S"`.cap
tcpdump -nn -s0 -c 2000 -w $dumpdir/dump.`date +"%Y%m%d-%H%M%S"`.cap
The following error shows up in console as soon as I'm under attack:
tcpdump: can't create rx ring on packet socket: Cannot allocate memory
Using the command manually works so my guess is that something gets overloaded in the event of an attack. Here is my RAM usage though:
root@x:~# free -m
total used free shared buffers cached
Mem: 2004 1255 749 0 1 29
-/+ buffers/cache: 1225 779
Swap: 2047 1095 952
And currently, it is much lower than it used to be when the command worked.
So anyone with an answer to this?
This is probably caused by system getting out of enough memory. I noticed it worked when a high amount of RAM was present.