gifnksm/capture.sh

## capture.sh
#!/bin/bash

message()
{
        echo "$(date +'%Y-%m-%d %T') " $@
}
touch_dir()
{
        if [ ! -d $1 ]
        then
                message "create_dir $1"
                mkdir $1
        fi
}

log_dir="packet"
touch_dir $log_dir

set_dir()
{
        dir_name="$(date +%Y%m%d)"
        dir_path="$log_dir/$dir_name"
}
kill_proc()
{
        message "kill process [$prev_ps]"
        if [ $1 != -1 ] && kill -0 $1 2> /dev/null
        then
                kill -s TERM $1
                wait $1
                message "terminate process [$1]"
        else
                message "process [$1] is already terminated"
        fi
}
when_term()
{
        kill_proc $prev_ps
        kill_proc $running_ps
        message "exit"
}


running_ps=-1
running_dir=""
running_path=""

trap 'when_term' CHLD INT TERM

while :
do
        set_dir
        # wait until dir_name is change
        until [ $dir_name != "$running_dir" ]
        do
                sleep 1m
                set_dir
        done

        # start new process with new dir_name
        prev_ps=$running_ps
        prev_dir=$running_dir
        prev_path=$running_path

        touch_dir $dir_path
        rename .log .old.log $dir_path/*

        message "start new process [dir: $dir_name]"
        /usr/sbin/tcpdump -F"filter.txt" -X -s 200 -i eth0 2> $dir_path/packet_message.log | split -C 10485760 -a 3 -d - $dir_path/packet.log. &

        running_ps=$!
        running_dir=$dir_name
        running_path=$dir_path
        message "running [$running_ps]"

        # kill previous process if it exists
        if [ $prev_ps -ne -1 ]
        then
                kill_proc $prev_ps

                # archive previous logs
                message "archive old [$prev_dir]"
                tar jcf "$log_dir/$prev_dir.tar.bz2" $prev_path

                # delete previous logs
                rm -rf "$prev_path"
        fi
done
	#!/bin/bash

	message()
	{
	echo "$(date +'%Y-%m-%d %T') " $@
	}
	touch_dir()
	{
	if [ ! -d $1 ]
	then
	message "create_dir $1"
	mkdir $1
	fi
	}

	log_dir="packet"
	touch_dir $log_dir

	set_dir()
	{
	dir_name="$(date +%Y%m%d)"
	dir_path="$log_dir/$dir_name"
	}
	kill_proc()
	{
	message "kill process [$prev_ps]"
	if [ $1 != -1 ] && kill -0 $1 2> /dev/null
	then
	kill -s TERM $1
	wait $1
	message "terminate process [$1]"
	else
	message "process [$1] is already terminated"
	fi
	}
	when_term()
	{
	kill_proc $prev_ps
	kill_proc $running_ps
	message "exit"
	}


	running_ps=-1
	running_dir=""
	running_path=""

	trap 'when_term' CHLD INT TERM

	while :
	do
	set_dir
	# wait until dir_name is change
	until [ $dir_name != "$running_dir" ]
	do
	sleep 1m
	set_dir
	done

	# start new process with new dir_name
	prev_ps=$running_ps
	prev_dir=$running_dir
	prev_path=$running_path

	touch_dir $dir_path
	rename .log .old.log $dir_path/*

	message "start new process [dir: $dir_name]"
	/usr/sbin/tcpdump -F"filter.txt" -X -s 200 -i eth0 2> $dir_path/packet_message.log \| split -C 10485760 -a 3 -d - $dir_path/packet.log. &

	running_ps=$!
	running_dir=$dir_name
	running_path=$dir_path
	message "running [$running_ps]"

	# kill previous process if it exists
	if [ $prev_ps -ne -1 ]
	then
	kill_proc $prev_ps

	# archive previous logs
	message "archive old [$prev_dir]"
	tar jcf "$log_dir/$prev_dir.tar.bz2" $prev_path

	# delete previous logs
	rm -rf "$prev_path"
	fi
	done