[lug] Trapping Tcpdump Output
rm at fabula.de
rm at fabula.de
Sun Oct 7 11:41:47 MDT 2001
On Sun, Oct 07, 2001 at 10:45:29AM -0600, SoloCDM wrote:
> I have tried to trap all the output when I execute tcpdump in the
> following script, without success:
>
> MEGREP=`which -a --skip-alias egrep | sed 's;\(/e\);/.\1;'`
> MEGREP=`echo ${MEGREP} -ie`
> MVAR=/var/log/messages
>
> PPPDEV=`ifconfig -a | ${MEGREP} 'Point-to-Point' | tail --lines=1 |
> gawk -F ' ' '{ print $1 }'`
> { nohup tcpdump -tai ${PPPDEV} | while read MF
> do
> MCHK=`echo "${MF}" | ${MEGREP} icmp`
> [ "${MCHK}" = "" ] && {
> echo "${MF}" >> log-file 2>&1
> }
> done & }
>
>
> When the script starts, it outputs "tcpdump: listening on ppp0"
> without allowing redirecting to a file within in the script. When it
> stops, it outputs "44 packets received by filter, 0 packets dropped
> by kernel" with the same lack of redirection.
>
> In the past, I would execute the script with "tcpdump-icmp >>
> log-file 2>&1" and it worked, but that is redundant when the script
> does it already. I even added the redirection to the end of done,
> but still nothing. Are there any solutions?
Where actually do you redirect stderr (fd 2) in your script?
You execute 'nohup tcpdump -tai ${PPPDEV}' -- at that point 'tcpdump'
inherits stderr from it's invoking shell, and as far as i can tell
there's no redirect of fd 2 for that (you would need to exec with
output redirection for that, or you could run 'nohup ...' in a subshell).
Ralf Mattes
> --
> Note: When you reply to this message, please include the mailing
> list/newsgroup address and my email address in To:.
>
> *********************************************************************
> Signed,
> SoloCDM
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG
mailing list