当我用这个执行python脚本时:
tsharkCall = ["tshark", "-a", "duration:6", "-i", "2", "-w", "thsark.pcap"]
tsharkProc = subprocess.Popen(tsharkCall, bufsize=0, executable="C:\\Program Files\\Wireshark\\tshark.exe")
包含预期内容的pcap文件与脚本位于同一文件夹中。
从pcap创建文本文件的第二个步骤不起作用:
tsharkCall = ["tshark", "-i", "-", "<", "tshark.pcap", ">", "tshark.txt", "-V"]
tsharkProc = subprocess.Popen(tsharkCall, bufsize=0, executable="C:\\Program Files\\Wireshark\\tshark.exe")
我在cmd窗口中看到“捕获标准输入”,但没有“捕获x个数据包”,文件夹中没有出现tshark.txt文件。
在同一位置的命令提示符下,这是我希望从脚本中完成的工作:
>"C:\Program Files\Wireshark\tshark.exe" -i - < "tshark.pcap" > "tshark.txt" -V
一个呼叫有效,另一个呼叫无效,这似乎很奇怪。关于我缺少的任何想法?
答案 0 :(得分:2)
subprocess.Popen会绕过CMD.EXE / sh,因此命令行I / O重定向(<,>)将无效。你可以得到类似的效果:
tsharkCall = ["tshark", "-i", "-", "-V"]
tsharkIn = open("tshark.pcap", "rb")
tsharkOut = open("tshark.txt", "wb")
tsharkProc = subprocess.Popen(tsharkCall,
stdin=tsharkIn,
stdout=tsharkOut,
executable="C:\\Program Files\\Wireshark\\tshark.exe")
答案 1 :(得分:2)
这也有效
tsharkCall = ["C:\\Program Files\\Wireshark\\tshark.exe", "-P", "-V", "-x", "-r", "C:\\Data\\PCAP_TEST_FILES\\test.pcap"]
tsharkOut = open("tshark.txt", "wb")
tsharkProc = subprocess.call(tsharkCall, stdout=tsharkOut)