how to rotate a tcpdump file

Morgan Wesström freebsd-questions at pp.dyndns.biz
Sat May 23 17:26:42 UTC 2009


Frank Shute wrote:
> On Sat, May 23, 2009 at 02:57:08PM +0300, Yavuz Ma?lak wrote:
>> I wish tcpdump to rotate tcpdump file whose size reaches 10Mbyte.
>>
>> Which command should I use?
>>
> 
> You should be able to set up newsyslog(8) to rotate the dumps.
> 
> You want to have a look at newsyslog.conf(5) to craft a line to put in
> your conf file. There are examples to work from in the conf file
> already.
> 
> Regards,

Correct me if I'm wrong but wouldn't tcpdump have to be restarted after
the logrotate? I'm under the impression that it would just continue to
output to the old inode even if the file occupying it changes name and
the restart functionality of newsyslog(8) isn't really bright enough to
restart tcpdump with all its initial parameters.
I'm using sysutils/cronolog for my Apache logs so I don't have to
restart Apache at all for the logrotate. Unfortunately cronolog doesn't
seem to have a size option to trigger the rotation though. Maybe there's
another alternative for the OP?

/Morgan
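
The old-inode behaviour raised in the reply above, as an added example that is not part of the original post: a stand-in writer opens its output once and keeps the descriptor, a rename-based rotation happens, and the later record still lands in the renamed file. The file names, the marker files and the writer itself are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo: a process that opens its output file once keeps
# writing to the same inode after a rotator renames that file.

inode_of() {
    # "ls -i" prints "<inode> <name>"; keep the inode number only.
    ls -i "$1" | awk '{print $1}'
}

rotate_demo() {
    dir=$(mktemp -d) || return 1

    # Stand-in for the capture process: one descriptor, held for the whole run.
    (
        exec 3>"$dir/capture.pcap"
        echo "record-before-rotate" >&3
        : > "$dir/opened"                       # signal: output file is open
        while [ ! -e "$dir/rotated" ]; do sleep 1; done
        echo "record-after-rotate" >&3          # written after the rename
    ) &
    writer=$!

    while [ ! -e "$dir/opened" ]; do sleep 1; done
    before=$(inode_of "$dir/capture.pcap")

    # What a rename-based log rotator does to the file.
    mv "$dir/capture.pcap" "$dir/capture.pcap.0"
    : > "$dir/rotated"
    wait "$writer"

    after=$(inode_of "$dir/capture.pcap.0")
    if [ "$before" = "$after" ]; then same=yes; else same=no; fi
    if grep -q record-after-rotate "$dir/capture.pcap.0"; then late=yes; else late=no; fi
    if [ -e "$dir/capture.pcap" ]; then fresh=yes; else fresh=no; fi

    rm -rf "$dir"
    echo "same_inode=$same late_write_in_rotated_file=$late new_file_at_old_path=$fresh"
}

rotate_demo
```

tcpdump's `-C` option (file size in millions of bytes) makes tcpdump itself close the current savefile and open a new one, so the capture does not depend on an external rotator restarting it.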

