Hi Mark, Here are the answers to your questions:
The permissions on the /data directory is ... # ls -alh /data/ total 4.1M drwxr-xr-x 2 root root 4.0K Feb 3 15:21 . dr-xr-xr-x. 23 root root 4.0K Feb 3 06:49 .. -rw-r--r-- 1 root root 4.0M Feb 3 07:29 502_capture-seed.txt FYI, I am running the command as root. The first command does not work even without the shell expansion date command. I created the seed file using the following command. dd if=/dev/zero of=/data/502_capture-seed.txt bs=$(( 1024 * 1024 )) count=4 All I am doing is trying to run tcpdump so that it will create another file once it has reached 4MB (-C 4). I also want it to be limited to just 10 files(-W 10), to rotate to the next file every 5 minutes (-G 300), and to be compressed everytime it creates a new file (-z bzip2). jerome On Fri, Feb 3, 2012 at 12:15 PM, Mark W. Jeanmougin <[email protected]> wrote: > Hey Jerome, > > > On 02/03/2012 01:53 PM, Jerome Yanga wrote: >> >> When I attempt to run the following command... >> >> tcpdump -i eth0 -s 65535 -w /data/capture_rotate_`date +%Y_%m_%d`.pcap >> -C 4 -W 10 -G 300 -z bzip2 -F /data/capture-seed.txt >> >> ...I get the following error. >> tcpdump: /data/capture_rotate_2012_02_03.pcap0: Permission denied > > > What are the permissions on the /data/ directory? Does the first command > work without the shell expansion date command? > > >> The seed file is just a 4MB file that I had created using dd. >> -rw-r--r-- 1 root root 4.0M Feb 3 07:29 /data/502_capture-seed.txt > > > It looks like the '-F' is for a tcpdump style filter. I'm not sure how you'd > create that with dd... > > Good luck, > > MJ > - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
