linux shell 想写个脚本,让tcpdump命令抓包并写入文件,执行指定时间后结束进程,然后再开始新一轮抓包
脚本如下:#!/bin/bashdatetime=`date+%F-%H:%M:%S`i=1while[$i-lt5]doecho"startNO.$icaptureda...
脚本如下:
#!/bin/bash
datetime=`date +%F-%H:%M:%S`
i=1
while [ $i -lt 5 ]
do
echo "start NO.$i capture data"
tcpdump -i eth2 -w ./$datetime.cap &
tdid=`pgrep tcpdump`
sleep 7s
echo "$tdid"
kill -9 $tdid
let i++
done
结果只是生产了一个抓包数据文件“2015-07-09-20:21:25.cap”,执行结果如下:
start NO.1 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
2828
start NO.2 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
./test.sh: line 14: 2828 Killed tcpdump -i eth2 -w ./$datetime.cap
2828
5687
./test.sh: line 12: kill: (2828) - No such process
start NO.3 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
./test.sh: line 14: 5687 Killed tcpdump -i eth2 -w ./$datetime.cap
10111
start NO.4 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
./test.sh: line 14: 10111 Killed tcpdump -i eth2 -w ./$datetime.cap
10111
12486
./test.sh: line 12: kill: (10111) - No such process
请问哪里有问题?或是怎么写这个需求的脚本? 展开
#!/bin/bash
datetime=`date +%F-%H:%M:%S`
i=1
while [ $i -lt 5 ]
do
echo "start NO.$i capture data"
tcpdump -i eth2 -w ./$datetime.cap &
tdid=`pgrep tcpdump`
sleep 7s
echo "$tdid"
kill -9 $tdid
let i++
done
结果只是生产了一个抓包数据文件“2015-07-09-20:21:25.cap”,执行结果如下:
start NO.1 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
2828
start NO.2 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
./test.sh: line 14: 2828 Killed tcpdump -i eth2 -w ./$datetime.cap
2828
5687
./test.sh: line 12: kill: (2828) - No such process
start NO.3 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
./test.sh: line 14: 5687 Killed tcpdump -i eth2 -w ./$datetime.cap
10111
start NO.4 capture data
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
./test.sh: line 14: 10111 Killed tcpdump -i eth2 -w ./$datetime.cap
10111
12486
./test.sh: line 12: kill: (10111) - No such process
请问哪里有问题?或是怎么写这个需求的脚本? 展开
1个回答
展开全部
datetime=`date +%F-%H:%M:%S` 这首源个者山态去掉
抓包改成唯纯
tcpdump -i eth2 -w ./`date +%F-%H:%M:%S` &
或者把 datetime=`date +%F-%H:%M:%S` 放到循环里面
抓包改成唯纯
tcpdump -i eth2 -w ./`date +%F-%H:%M:%S` &
或者把 datetime=`date +%F-%H:%M:%S` 放到循环里面
追问
试了下,是可以循环生产文件了,但只有结束脚本后,最后一个文件有数据,除最后 一个文件其他的文件所是空的,这是为什么?
追答
一边ping着,一边执行脚本
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
