Question

我在openwrt上使用tcpdump捕获数据包并使用netcat将它们发送到raspberry pi。问题是我想使用多个路由器捕获请求，并将它们转发到raspberry pi。

tcpdump -i wlan0 -e -s 256 -l type mgt subtype probe-req |nc 192.168.0.230 22222

我用python脚本接收数据包信息：

import socket

HOST = 'localhost'   # use '' to expose to all networks
PORT = 12345

def incoming(host, port):
  """Open specified port and return file-like object"""
  sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  # set SOL_SOCKET.SO_REUSEADDR=1 to reuse the socket if
  # needed later without waiting for timeout (after it is
  # closed, for example)
  sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  sock.bind((host, port))
  sock.listen(0)   # do not queue connections
  request, addr = sock.accept()
  return request.makefile('r', 0)
# /-- network ---


for line in incoming(HOST, PORT):
  print line,

输出：

15:17:57 801928 3933710786us tsft 1.0 Mb/s 2412 Mhz 11b -38dB signal antanna 1 BSSID: broadcast SA:xxxx  ....

期望的输出：

192.168.0.130 15:17:57 801928 3933710786us tsft 1.0 Mb/s 2412 Mhz 11b -38dB signal antanna 1 BSSID: broadcast SA:xxxx  ....

但是如何将路由器的IP地址添加到命令中呢？所以我可以看到女巫路由器收到了数据包。或者我怎样才能发送和＃34; router1＆＃34;识别路由器？

Answer 1

您可以使用以下脚本向路由器发送额外的字符串：

#! /bin/bash

ip=$(ifconfig wlan0 | grep cast | awk -F: '{print $2}' | awk '{print $1}' )

tcpdump -i wlan0 -e -s 256 -l type mgt subtype probe-req |\
while read line; do
    echo "$ip" "$(date +%T)" "$line"
done | nc 192.168.0.230 22222

它将在tcpdump输出的每一行的开始处插入ip地址和时间戳，并将其传送给netcat。

发送额外的字符串netcat

1 个答案: