anonymous-one

Asked: 2013-10-17 04:23:37 +0800 CST2013-10-17 04:23:37 +0800 CST 2013-10-17 04:23:37 +0800 CST

Is there a way to explicitly set the maximum number of packets tcpdump will capture before terminating?

772

We have a small script that essentially does the following:

A) Capture packets using tcpdump and pipe to output file.
B) Run our own clean + sort script on output file.
C) Display results using | sort | etc etc...

So, we were wondering if there is a tcpdump parameter that sets the number of packets tcpdump will capture before exiting?

Thanks.

1 Answers

Voted

Best Answer

jirib
2013-10-17T04:26:24+08:002013-10-17T04:26:24+08:00
tcpdump -c [count] is the option you're looking for.

-c flag, it will capture packets until it is interrupted by a SIGINT or SIGTERM signal or the specified number of packets have been processed.
2

Web Analytics Made Easy - Statcounter