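The situation I'm running into is that when I use the Python subprocess module, the "tcprewrite" code does not execute consistently unless I delete the line of code, rewrite it, and then run the program. It then runs once and starts failing for the rest of the time. I have never had a problem with the "tshark" command. Also, when I run this command from the Python interpreter, it always works like a charm. I only run into this problem when I run it from a Python module.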
command4 = 'tcprewrite --dstipmap=' + natted_clients_ip + ':' + clients_ip + ' --portmap=' + s2c_dport_to_be_changed + ':' + c2s_sport + ' --infile=s2c-' + rx_stage_pcap + ' --outfile=trw-s2c-' + rx_stage_pcap
p4 = subprocess.Popen(command4,shell=True,bufsize=-1,stdout=subprocess.PIPE)
p4.terminate()
command41 = 'tshark -r trw-s2c-' + rx_stage_pcap
p41 = subprocess.Popen(command41,shell=True,bufsize=-1,stdout=subprocess.PIPE)
p41_stdout = p41.communicate()[0]
print('\n\ttrw-s2c-'+rx_stage_pcap+'\n' )
print(p41_stdout.decode('utf-8'))
p41.terminate()
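Here is the output when it runs only once: the subprocess module runs the "tcprewrite" command successfully, and we can see the contents of the new pcap file (created by the tcprewrite command) using the "tshark -r" command.
(Below are the values of the variables passed in and what command4 looks like: rx_stage_pcap = "test2.pcap", natted_clients_ip = "10.73.65.90", clients_ip = "172.20.100.143", s2c_dport_to_be_changed = "50122", c2s_sport = "53264")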
>>>
>>> command4 = 'tcprewrite --dstipmap=' + natted_clients_ip + ':' + clients_ip + ' --portmap=' + s2c_dport_to_be_changed + ':' + c2s_sport + ' --infile=s2c-' + rx_stage_pcap + ' --outfile=trw-s2c-' + rx_stage_pcap
>>> command4
'tcprewrite --dstipmap=10.73.65.90:172.20.100.143 --portmap=50122:53264 --infile=s2c-test2.pcap --outfile=trw-s2c-test2.pcap'
>>>
s2c-test2.pcap
1 0.000000 213.211.198.62 10.73.65.90 TCP 66 80 50122 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
2 0.131879 213.211.198.62 10.73.65.90 TCP 54 80 50122 [ACK] Seq=1 Ack=561 Win=30336 Len=0
3 0.154104 213.211.198.62 10.73.65.90 TCP 1514 [TCP segment of a reassembled PDU]
4 0.154226 213.211.198.62 10.73.65.90 TCP 1514 [TCP segment of a reassembled PDU]
5 0.154346 213.211.198.62 10.73.65.90 TCP 63 [TCP Previous segment not captured] [TCP segment of a reassembled PDU]
6 0.154355 213.211.198.62 10.73.65.90 TCP 1514 [TCP Out-Of-Order] 80 50122 [ACK] Seq=2921 Ack=561 Win=30336 Len=1460
trw-s2c-test2.pcap
1 0.000000 213.211.198.62 172.20.100.143 TCP 66 80 53264 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
2 0.131879 213.211.198.62 172.20.100.143 TCP 54 80 53264 [ACK] Seq=1 Ack=561 Win=30336 Len=0
3 0.154104 213.211.198.62 172.20.100.143 TCP 1514 [TCP segment of a reassembled PDU]
4 0.154226 213.211.198.62 172.20.100.143 TCP 1514 [TCP segment of a reassembled PDU]
5 0.154346 213.211.198.62 172.20.100.143 TCP 63 [TCP Previous segment not captured] [TCP segment of a reassembled PDU]
6 0.154355 213.211.198.62 172.20.100.143 TCP 1514 [TCP Out-Of-Order] 80 53264 [ACK] Seq=2921 Ack=561 Win=30336 Len=1460
But when I re-run the program for the same pcap file, it fails as shown below:
s2c-test2.pcap
1 0.000000 213.211.198.62 10.73.65.90 TCP 66 80 50122 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
2 0.131879 213.211.198.62 10.73.65.90 TCP 54 80 50122 [ACK] Seq=1 Ack=561 Win=30336 Len=0
3 0.154104 213.211.198.62 10.73.65.90 TCP 1514 [TCP segment of a reassembled PDU]
4 0.154226 213.211.198.62 10.73.65.90 TCP 1514 [TCP segment of a reassembled PDU]
5 0.154346 213.211.198.62 10.73.65.90 TCP 63 [TCP Previous segment not captured] [TCP segment of a reassembled PDU]
6 0.154355 213.211.198.62 10.73.65.90 TCP 1514 [TCP Out-Of-Order] 80 50122 [ACK] Seq=2921 Ack=561 Win=30336 Len=1460
tshark: The file "trw-s2c-test2.pcap" doesn't exist.
trw-s2c-test2.pcap
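Can someone help me figure out how to always get consistent results when passing the tcprewrite command to subprocess?
I ran into a similar problem when using an os.system call, or shlex to parse the command and pass it to subprocess: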
cm4 = shlex.split("tcprewrite --dstipmap=%s:%s --portmap=%s:%s --infile=s2c-%s --outfile=trw-s2c-%s" %(natted_clients_ip,clients_ip,s2c_dport_to_be_changed,c2s_sport,rx_stage_pcap,rx_stage_pcap))
c4= subprocess.Popen(cm4)
c4.terminate()
command41 = 'tshark -r trw-s2c-' + rx_stage_pcap
p41 = subprocess.Popen(command41,shell=True,bufsize=-1,stdout=subprocess.PIPE)
p41_stdout = p41.communicate()[0]
print('\n\ttrw-s2c-'+rx_stage_pcap+'\n' )
print(p41_stdout.decode('utf-8'))
p41.terminate()
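
An added example, not part of the original question: Popen returns as soon as the child has started, so a terminate() call right after it can stop tcprewrite before the output file is written. The sketch below runs the same tcprewrite-then-tshark sequence with subprocess.run, which blocks until each tool exits, and passes an argument list instead of shell=True so the values never go through a shell. The function names, the input validation and the 120-second timeout are assumptions of this example.

```python
import ipaddress
import os
import subprocess


def build_tcprewrite_argv(natted_ip, client_ip, old_port, new_port, pcap):
    """Build the question's tcprewrite command as an argv list, validating each value."""
    # Reject anything that is not a plain IPv4 address, port or bare file name
    # before it gets near a command line (raises ValueError on bad input).
    src = ipaddress.IPv4Address(natted_ip)
    dst = ipaddress.IPv4Address(client_ip)
    ports = [int(old_port), int(new_port)]
    if not all(0 < p < 65536 for p in ports):
        raise ValueError("port out of range")
    if os.path.basename(pcap) != pcap or pcap.startswith("-"):
        raise ValueError("pcap must be a bare file name")
    return [
        "tcprewrite",
        f"--dstipmap={src}:{dst}",
        f"--portmap={ports[0]}:{ports[1]}",
        f"--infile=s2c-{pcap}",
        f"--outfile=trw-s2c-{pcap}",
    ]


def run_to_completion(argv, expect_file=None, timeout=120):
    """Run argv without a shell, wait for it to exit, and return its stdout as text."""
    done = subprocess.run(argv, capture_output=True, text=True, timeout=timeout)
    if done.returncode != 0:
        raise RuntimeError(f"{argv[0]} exited {done.returncode}: {done.stderr.strip()}")
    # A zero exit code with no output file is still a failure for the next step.
    if expect_file is not None and not os.path.exists(expect_file):
        raise RuntimeError(f"{argv[0]} succeeded but {expect_file} is missing")
    return done.stdout


def rewrite_and_dump(natted_ip, client_ip, old_port, new_port, pcap):
    """Rewrite the capture, then dump the rewritten file with tshark -r."""
    out = f"trw-s2c-{pcap}"
    argv = build_tcprewrite_argv(natted_ip, client_ip, old_port, new_port, pcap)
    run_to_completion(argv, expect_file=out)
    return run_to_completion(["tshark", "-r", out])


if __name__ == "__main__":
    # Values taken from the question; requires tcprewrite, tshark and s2c-test2.pcap.
    print(rewrite_and_dump("10.73.65.90", "172.20.100.143", "50122", "53264", "test2.pcap"))
```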