通过ssh提供远程机器。在这台主机上我有个人ssh帐户。在这个帐户上我可以sudo到其他帐户。在其他帐户上,我可以通过sudo调用tcpdump。所以伪脚本看起来像:
ssh myAccount@remoteHost
sudo su - otherAccount
sudo /usr/sbin/tcpdump -i any -n -U -s 0 -w - port 1234
我想从tcpdump到tshark的管道输出,但我有错误。
在cygwin中,我打电话给
ssh -tt myAccount@remoteHost 'sudo su - otherAccount <<EOF
sudo /usr/sbin/tcpdump -i any -n -U -s 0 -w - port 1234
EOF' | /cygdrive/c/Program\ Files/Wireshark/tshark.exe -i -
但我收到以下消息:
Capturing on 'Standard input'
tshark: Error reading from pipe: Operacja ukoĹ"czona pomyĹ>lnie.
(error 0)
0 packets captured
Connection to remoteHost closed.
ssh -tt myAccount@remoteHost 'sudo su - otherAccount <<EOF
sudo /usr/sbin/tcpdump -i any -n -U -s 0 -w - port 1234
EOF'
tcpdump: WARNING: Promiscuous mode not supported on the "any" device
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
我看到tcpdump的一些输出,例如。啜。正好在终端出现:
s
▒ò▒ ♦ ▒▒ q iV▒W\▒♣ 4 4 ♠▒_▒▒m▒ E $b}@ ▒◄▒▒
O}
Oi▒V▒►COPTIONS sip:remoteHost SIP/2.0
Via: SIP/2.0/UDP otherSipHost:57430;branch=z9hG4bKe05fb9ab6ddd10690707
Max-Forwards: 70
To: sip:remoteHost
提前致谢
Krzysiek