Guy,
Thank you for your suggestion and the information that the -B option first showed up in Wireshark 1.4.0. That was good to know. I was fearing I may have to build from source but I am concerned about keeping it updated.
Jeff,
I tried to install a later version of Wireshark 1.4 on my 6.3 box but ran into issues with GTK+ and others:
checking for GTK+ - version >= 2.4.0... no
*** Could not run GTK+ test program, checking why...
*** The test program failed to compile or link. See the file config.log for the
*** exact error that occured. This usually means GTK+ is incorrectly installed.
configure: error: GTK+ 2.4 or later isn't available, so Wireshark can't be compiled
- I am new at the whole Linux game; would it be possible for you to send me details on how the later version of Wireshark got installed on your 6.1 CentOS machine?
- I am assuming it was installed from source and not from a repository, but if it was from a repository could you let me know which one?
Thanks again everyone - your input is greatly appreciated!
-John
On Wed, Aug 8, 2012 at 1:13 PM, Jeff Morriss
<jeff.morriss.ws@xxxxxxxxx> wrote:
Michael Tuexen wrote:
On Aug 8, 2012, at 7:39 PM, Jeff Morriss wrote:
John Powell wrote:
Hi Everyone,
I am performing a continuous capture of a large IP stream using dumpcap.
I have been told by my users that they are experiencing packet drop.
I am running CentOS 6.3 with:
* wireshark-1.2.15-2.el6_2.1.x86_64
* wireshark-gnome-1.2.15-2.el6_2.1.x86_64
* libpcap-1.0.0-6.20091201git117cb5.el6.x86_64
I found this solution on a Dumpcap man page:
*-B <capture buffer size>*
[...]
but alas this option is not available on my build even though I am running libpcap 1.0.0-6.
*Any suggestions as to how to utilize the capture buffer size option on my machine will be greatly appreciated!*
What kind of error are you getting that says "-B" isn't working? I just tried it on 6.1 and dumpcap did not complain when I gave it the "-B" argument.
Not sure, but wireshark 1.2.15 is pretty old. Does it already support the -B option?
Doh! You're right. I hadn't noticed that someone had installed another (2nd and much more modern) version of Wireshark on my 6.1 system (which was of course first in my path)...