> Write a wrapper Perl script that does the following:
>
> 1) Uses the 'date' function to generate a file name for your capture file.
> 2) Forks a second process.
> a) Parent process simply waits for twenty-four hours, then reaps the
> child.
Well, it has to do more than just reap the child, it also has to kill
the child first.
Tethereal and tcpdump both take SIGTERM - the default signal sent by the
"kill" command (well, unless you're running Sixth Edition, but if you're
running Tethereal or tcpdump, I really doubt you are :-)) - and, if they
get that signal, stop capturing and exit.
Note, though, that this scheme will, unless you start the next day's
capture before killing today's capture, run the risk that you'll not
capture packets between the time when you kill today's capture and start
tomorrow's capture. (Starting the next day's capture first runs the
risk that you'll get packets in both capture files, but I suspect most
users could live with that.)
Tethereal and tcpdump should do about equally well, except that
Tethereal doesn't force you to pass a "-s 65535" argument to it in order
to get more than a measly 68 bytes worth of packet data.
