当我在下面运行Bash shell脚本时,最后一行会报告在捕获29 - 34个数据包时捕获的4到9个数据包的任何地方,它会说" tshark:"结果/ C6- 1 / C6-1n10.pcap"似乎在数据包中间被缩短了。"
如果我在脚本退出后从命令行运行嵌入在此脚本最后一行的tshark命令,则计数是正确的。
我做错了什么?
#!/bin/bash
tshark -i eth1 -a duration:245 -w RESULTS/C6-1/C6-1n10.pcap &> /dev/null &
# tshark seems to take some time to start. Allow for this.
sleep 10
# This takes 225 seconds to run.
mgen flush input C6-1/C6-1n10.mgn 2>&1 | tee RESULTS/C6-1/C6-1n10_mgen_log.txt
mgen_stats RESULTS/C6-1/C6-1n10_mgen_log.txt 20 20 224 20 239 60 2>&1 | tee RESULTS/C6-1/C6-1n10_mgen_analysis.txt
echo 2>&1 | tee -a RESULTS/C6-1/C6-1n10_mgen_analysis.txt
echo 2>&1 | tee -a RESULTS/C6-1/C6-1n10_mgen_analysis.txt
echo 2>&1 | tee -a RESULTS/C6-1/C6-1n10_mgen_analysis.txt
echo "There should be 29 - 34 messages from group 239.0.20.20. The actual count is:" 2>&1 | tee -a RESULTS/C6-1/C6-1n10_mgen_analysis.txt
# Ensure that the tshark instance we started above has time to exit before we start another instance.
sleep 20
echo `tshark -r RESULTS/C6-1/C6-1n10.pcap -R "ip.src == 104.4.20.2 && ip.dst == 239.0.20.20" | wc -l` 2>&1 | tee -a RESULTS/C6-1/C6-1n10_mgen_analysis.txt
答案 0 :(得分:1)
您无法保证初始tshark实例实际上已完成该点。而不是有时猜测和使用睡眠,而是使用wait来强制脚本等待tshark完成。
Waiting for background processes to finish before exiting script
答案 1 :(得分:0)
在TShark 1.12.1版本的tshark过滤器中使用“ wc -l”时,返回不正确的数据包计数(在TShark 1.10.1中可以正常工作)
问题(在TShark 1.10.1中可以正常工作)