Hi,

sometimes it is necessary to only dump the network traffic before an event happend. For this cases wirkshark has the command line option for a ringbuffer.

Continue reading Wireshark/tcpdump: Write trace to a ringbuffer file →