0

I am running some kismet captures, and I need to continuously parse the outputted PCAP files, so in order to do this I need Kismet to save the file, and start a new one periodically (I use inotify-tools to detect newly created files).

But the problem is I do not find a way for kismet to do it. In man pages i found that -m option allows to limit the file size by packet size, so I ran it like this:

sudo kismet -c wlan0 -m 10

But that did not create multiple files, it carried on just putting all traffic to one file.

Any other ways to somehow make kismet break output to different files? I don't really care about what criteria is used (time, packet count, file size.. I'll take anything)

Thanks!

hyde
  • 60,639
  • 21
  • 115
  • 176
galdikas
  • 1,609
  • 5
  • 19
  • 43
  • I think you might have tagged this question mistakenly with the "kismet" tag, which in this case refers to a scripting tool for the **Unreal game engine** from Epic Games. You probably have better luck getting good answers if you instead add some network-related tags. – David Feb 25 '14 at 14:03
  • @David I never actually heard of such game engine, kismet is as well a tool for capturing wireless network traffic. But just noticed now that actual tag description refers to what yo just mentioned. Ill maybe repost this question in SuperUser or something... – galdikas Feb 25 '14 at 14:28
  • Neither have I :). I just saw the tag description just as you did. Hope you find an answer to your question, good luck! – David Feb 26 '14 at 07:51

1 Answers1

0

I think that you can modify it in the kismet.conf file. There is an option that says writeinterval=300

It means that every 300 seconds the pcap file will be saved. It will make a new file every 300 seconds.If you want a shorter time you can change it.

Hope it helps

agonza1
  • 439
  • 7
  • 20