opapacketcapture

Cornelis Technical Documentation

Name

opapacketcapture — Starts capturing packet data.

Syntax

opapacketcapture [-o outfile] [-d devfile] [-f filterfile] [-t triggerfile] [-l triggerlag] [-a alarm] [-p packets] [-s maxblocks] [-v [-v]]

Description

To stop capture and trigger dump, use SIGINT or SIGUSR1. Program dumps packets to file and exits.

Note

Using opapacketcapture with large amounts of traffic can cause performance issues on the given host. Cornelis recommends you use opapacketcapture on hosts with lower packet rates and bandwidth.

Options

--help: Produces full help text.
-o outfile: Specifies the output file for captured packets. Default is packetDump.pcap.
-d devfile: Specifies the device file for capturing packets.
-f filterfile: Specifies the file used for filtering. If absent, no filtering is done.
-t triggerfile: Specifies the file used for triggering a stop capture. If absent, normal triggering is performed.
-l triggerlag: Specifies the number of packets to collect after trigger condition is met, before dumping data and exiting. Default is 10.
-a alarm: Specifies the number of seconds for alarm trigger to dump capture and exit.
-p packets: Specifies the number of packets for alarm trigger to dump capture and exit.
-s maxblocks: Specifies the number of blocks to allocate for ring buffer. Value is in Millions. Default is 2, which corresponds to 128 MiB (1 block = 64 Bytes).
-v: Produces verbose output. (Use verbose Level 1+ to show levels.)

Example

# opapacketcapture
opapacketcapture: Capturing packets using 128 MiB buffer
^C
opapacketcapture: Triggered
Number of packets stored is 100

In the example above, opapacketcapture operates until CTRL+C is entered.

Would you like to provide feedback? Just click here to suggest edits.