Okay, this is a bit trickier of a question than my last one. I've been beating my head on this for a couple of weeks, and have almost nothing. So here goes:
I have a reasonably complex capture filter designed to capture packets from rogue DHCP servers on our network. However, the boss wants something that will alert the tech using the machine that the filter is running on that he's got to hunt down a rogue. The only solution I've thought of so far is to use tshark, dumping to a cap file, and have another script running concurrently to check the file every minute or so and alert the user if the size is larger than 0. There's got to be a better way than that, right? Any ideas would be very much appreciated. -Travis
_______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
