I would like to get packet level data traffic captures (.pcap) in Android during a week (in several files if possible).
I thought that I could use tcpdump via Shark, however I find that the capture stops after some time. The biggest packet capture I got is around 40MB. I found out that tcpdump stops/crashes when changing the network interface. For example, when the phone is connected to 3G, when I run tcpdump from Shark I can see the process of tcpdump running until I switch on WiFi.
In the Galaxy S2, when connected via WiFi I have the following interfaces (got by using netcfg in adb shell): lo, svnet0, usb0, sit0, eth0. When I connect via 3G, I get pdp0 instead of eth0.
Is there any way that I can run tcpdump 24/7? Or any way to check when it is running and if it stops make it run again from a Java app? Checking the process of tcpdump or something like this maybe? Or monitoring the status of the network and running tcpdump every time the network is changed?
I had a look to: ReadLine on TCPDump-Buffer sometimes blocks until kill tcpdump , but it does not completely solve my problem.
I am using rooted devices.
