I am building a simple network packet capture device consisting of the following hardware:
1. Linksys NSLU2 (slug) with debian/NSLU2 installation.
2. Dualcomm DCGS-2005L Gigabit network TAP switch with port mirroring.
3. Seagate External USB hard drive.
The dualcomm switch plugs into a network and mirrors all packets to a monitoring port where the linksys slug should capture all packets using Wireshark. (or Tshark if it would give better performance) Wireshark should
write its output file to the external USB drive which is plugged into the linksys.
If you accept, your job is to install and configure wireshark or tshark so that it automatically starts capturing packets and writes the to the USB drive the moment the linksys is booted.
I am also open to suggestions if you know a better way to achieve the same functionality.
You will have SSH root access to do the installation.