dtanham/persistent_tcpdump.sh

## persistent_tcpdump.sh
#!/bin/sh
#
# Startup script for persistent tcpdump
#

PCAP=/data/tcpdump/tcpdump.pcap
SIZE=100
COUNT=20
PIDFILE=/var/run/tcpdump

start() {
        if [ -f $PIDFILE ]; then
                echo "PID File $PIDFILE exists"
                exit 1
        fi
        tcpdump -nn -w $PCAP -s0 -C $SIZE -W $COUNT -Z root not port 22 > /dev/null 2>&1 &
        echo $! > $PIDFILE
        exit 0
}

stop() {
        if [ ! -f $PIDFILE ]; then
                echo "PID File $PIDFILE does not exist"
                exit 1
        fi
        kill -HUP `cat $PIDFILE` && rm $PIDFILE
        exit $@
}

status() {
        if [ ! -f $PIDFILE ]; then
                echo "PID File $PIDFILE does not exist"
                exit 0
        fi
        ps -fp `cat $PIDFILE`
        exit 0
}

case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  status)
        status
        ;;
  *)
        echo "Usage: $0 {start|stop|status}"
        exit 1
esac
	#!/bin/sh
	#
	# Startup script for persistent tcpdump
	#

	PCAP=/data/tcpdump/tcpdump.pcap
	SIZE=100
	COUNT=20
	PIDFILE=/var/run/tcpdump

	start() {
	if [ -f $PIDFILE ]; then
	echo "PID File $PIDFILE exists"
	exit 1
	fi
	tcpdump -nn -w $PCAP -s0 -C $SIZE -W $COUNT -Z root not port 22 > /dev/null 2>&1 &
	echo $! > $PIDFILE
	exit 0
	}

	stop() {
	if [ ! -f $PIDFILE ]; then
	echo "PID File $PIDFILE does not exist"
	exit 1
	fi
	kill -HUP `cat $PIDFILE` && rm $PIDFILE
	exit $@
	}

	status() {
	if [ ! -f $PIDFILE ]; then
	echo "PID File $PIDFILE does not exist"
	exit 0
	fi
	ps -fp `cat $PIDFILE`
	exit 0
	}

	case "$1" in
	start)
	start
	;;
	stop)
	stop
	;;
	status)
	status
	;;
	*)
	echo "Usage: $0 {start\|stop\|status}"
	exit 1
	esac