It appears to be a buffering problem.
Thanks to Oisin McGuinness for suggesting this.
Other options suggested were to use tee and nohup, which didn't help
since I wasn't using -l on tcpdump in the first place.
George Gallen
ggallen_at_slackinc.com
-----Original Message-----
From: George Gallen [mailto:ggallen_at_slackinc.com]
Sent: Thursday, March 04, 1999 12:03 PM
To: 'alpha-osf-managers_at_ornl.gov'
Subject: Monitoring tcpdump's output in background...
I'm running DU3.2c presently, but I'm not sure if this is OS ver
dependant or not.
What I want to do is track all ip traffic that is not intended for
or from our system. Our network is on a switched hub, but every
now and then our system slows down and collisions become many.
The tu0 card was set for +p +c.
What I want to do is:
tcpdump ip | grep -v alpha > outputfile &
(alpha is our machine name, so I'm eliminating all traffic to/from it.
there are no other machines in our network with alpha in their name
so this is fine, even if it missed a couple packets)
If I just run 'tcpdump ip | grep -v alpha', it will print out what I
want
at least to the screen. but when I add the ' > outputfile' the size
of the file stays at 0, until I kill the tcpdump process, then it
becomes it's full size.
I tried creating a FIFO file and doing ' | fifofile' instead of '>
outputfile'
but keep getting permission denied, (I chmod 777 on the fifo file and
was
being run as root).
Any ideas on how to place the results of the tcpdump into a file and
be able to monitor it's progress?
George Gallen
ggallen_at_slackinc.com
Received on Thu Mar 04 1999 - 18:20:23 NZDT