Wireshark · Wireshark-users: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels

Wireshark-users: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels

From: Sake Blok <sake@xxxxxxxxxx>

Date: Fri, 9 Aug 2013 17:16:00 +0200

On 9 aug 2013, at 03:05, Laura Chappell wrote:

> Consider using tshark (command-line tool) with the following parameters perhaps…
>  
> tshark –q –z io,stat,3000,ip.addr==192.168.1.0/24,ip.addr==192.168.2.0/24,ip.addr==192.168.3.0/24 > mystats.txt
>  
> No packets are saved during this process – you’re only getting statistics.

Laura, this is not entirely true. As tshark uses dumpcap to capture the traffic, dumpcap will save all the packets in a temporary file from which tshark will read. To monitor the traffic for  a week in this manner will most likely result in a) an out-of-memory error due to the fact that tshark keeps information about each conversation and b) a disk filling up with packet data.

Cheers,
Sake

Follow-Ups:
- Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
  - From: Laura Chappell

References:
- [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
  - From: Gary Drost
- Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
  - From: Hal Wigoda
- Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
  - From: Laura Chappell

Prev by Date: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
Next by Date: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
Previous by thread: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
Next by thread: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
Index(es):
- Date
- Thread