Need help with Tcpdump in Linux
Hey Guys ,
I came here just to seek some help regarding Tcpdump in Linux . I have certain specific requirements and would be good if any of you can quick suggest a solution to that . Requirement is something like this :
We are having a Linux box with Tcpdump continuously running on it to monitor bunch of sources . Separate Tcpdump process runs in a background for each host for monitoring traffic . I use -w option with it to save the capture in the pcap format to analyze it later .
Now what I need is , if the Linux machine gets rebooted amidst of its packet capturing activity , I want tcpdump to automatically start the process again for every host without overwriting previous captures . Remember : Without overwriting previous captures . .
Basically , I will be keeping all the tcpdump commands in the shell script and will load the script at startup during the linux boot . Is there any way to achieve this case , where by on rebooting , Tcpdump does not overwrite previous captures ? ..
Can somebody quickly suggest some scripting technique to achieve this ?
Thanks in advance .