Tcpdump inside shell script doesn't capture anything

I want to run a TCP program and capture the related packets. My shell script, cap.sh, looks like this:

  sudo tcpdump -i eth0 -w mypcap &
  sleep 3
  ./tcp_receiver
  sleep 2
  x=`ps -ef|grep "tcpdump"|grep -v "grep"|awk '{print $2}'`
  sudo kill -9 $x

I ran cap.sh

  sudo ./cap.sh 

So in fact, in this shell I can run sudo without a password, and the host is just a virtual fragment on a remote machine (a PlanetLab node). Although I see the tcpdump process in ps -ef, it doesn't capture anything: I see that mypcap is 0 bytes after cap.sh has completed.

What are the potential causes, and how can I make tcpdump in a shell script capture packets? Thanks!

+4
2 answers

Do not use kill -9. Not only is this almost always wrong, it can cause a problem here, since buffered data will be discarded, not written to disk. Use regular old kill or kill -2.

Another option is to add the -U option to clear the output buffer after each packet.

+4

One potential reason: eth0 does not exist in a virtualized environment.

0
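
A version of cap.sh that applies both answers, as an added example that is not part of the original thread: it stops only its own tcpdump with a plain kill, adds -U, and reports a capture that died at startup (such as a missing eth0). The names `capture_during`, `CAPTURE`, `SETTLE` and `DRAIN` are assumptions of this example.

```shell
#!/bin/sh
# Usage (as root, so no inner sudo is needed): ./cap.sh mypcap ./tcp_receiver
# CAPTURE, SETTLE and DRAIN are assumed knobs for this example. -U makes
# tcpdump write each packet to the savefile as soon as it is saved.
CAPTURE=${CAPTURE:-"tcpdump -i eth0 -U -w"}
SETTLE=${SETTLE:-3}     # seconds to let the capture start (3 in the question)
DRAIN=${DRAIN:-2}       # seconds to wait for trailing packets (2 in the question)

# capture_during PCAP WORKLOAD [ARGS...]
# Returns 2 if the capture died at startup (for example, no such interface),
# 3 if it was already gone when stopped, otherwise the workload's exit status.
capture_during() {
    pcap=$1; shift
    $CAPTURE "$pcap" &      # unquoted on purpose: split into command words
    cap_pid=$!              # PID of this capture only, no ps|grep guessing

    sleep "$SETTLE"
    if ! kill -0 "$cap_pid" 2>/dev/null; then
        wait "$cap_pid"
        echo "capture exited early (status $?); check the interface name" >&2
        return 2
    fi

    "$@"; rc=$?             # run the program being observed
    sleep "$DRAIN"

    # Plain kill sends SIGTERM, which tcpdump handles by closing the savefile.
    # SIGKILL (-9) cannot be handled, so buffered packets are never written.
    kill "$cap_pid" 2>/dev/null || return 3
    wait "$cap_pid" 2>/dev/null
    return "$rc"
}

if [ "$#" -gt 0 ]; then
    capture_during "$@"
fi
```

Because the PID comes from `$!`, other tcpdump processes on the host are left alone, which the original `ps | grep` pipeline did not guarantee.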