I would like to receive packet level data (.pcap) traffic capture in Android for a week (if possible, in several files).
I thought I could use tcpdump through Shark, but I believe that the capture stops after a while. The biggest batch capture I received is about 40 MB. I found out that tcpdump stops / crashes when the network interface changes. For example, when the phone is connected to 3G, when I start tcpdump from Shark, I see the tcpdump process until I turn on Wi-Fi.
In Galaxy S2, when connected via WiFi, I have the following interfaces (obtained using netcfg in the adb shell): lo, svnet0, usb0, sit0, eth0. When I connect via 3G, I get pdp0 instead of eth0.
Is there a way to run tcpdump 24/7? Or any way to check when it is running, and if it stops making it run again from a Java application? Checking the tcpdump process or something like this maybe? Or monitor network status and run tcpdump every time a network changes?
I looked: ReadLine on TCPDump-Buffer sometimes blocks until kill tcpdump , but this does not completely solve my problem.
I use rooted devices.
source
share