Professional Web Applications Themes

How to let the tcpdump automatically stop listening? - Linux / Unix Administration

Hi every one: I have one question regarding to the tcpdump: I use the tcpdump to get the packet in the ethernet by the source address. If no packets relating to a current source, how can I ask tcpdump stop the listening automatically? Thanks...

  1. #1

    Default How to let the tcpdump automatically stop listening?

    Hi every one:

    I have one question regarding to the tcpdump:
    I use the tcpdump to get the packet in the ethernet by the source
    address. If no packets relating to a current source, how can I ask
    tcpdump stop the listening automatically?

    Thanks

    yezi Guest

  2. #2

    Default Re: How to let the tcpdump automatically stop listening?

    In article <googlegroups.com>,
    "yezi" <com> wrote:
     

    It sounds like you're looking for an idle timeout in tcpdump. I don't
    think it has such an option.

    --
    Barry Margolin, mit.edu
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    Barry Guest

  3. #3

    Default Re: How to let the tcpdump automatically stop listening?

    In article <dca.giganews.com>,
    Barry Margolin <mit.edu> wrote: 
    >
    >It sounds like you're looking for an idle timeout in tcpdump. I don't
    >think it has such an option.
    >[/ref]

    But it wouldn't be too hard to spawn it from a shell script that keeps
    the pid and kills it after x seconds in all cases..

    Ted
    ted@loft.tnolan.com Guest

  4. #4

    Default Re: How to let the tcpdump automatically stop listening?

    The problem is my scripts has tons of tcpdump. I can not manually to
    maintain that task.

    yezi Guest

  5. #5

    Default Re: How to let the tcpdump automatically stop listening?

    In article <googlegroups.com>,
    "yezi" <com> wrote:
     

    well, tcpdump is opensource right? So, modify it to include the timeout
    feature you need.

    --
    DeeDee, don't press that button! DeeDee! NO! Dee...



    Michael Guest

  6. #6

    Default Re: How to let the tcpdump automatically stop listening?

    Le Mon, 26 Sep 2005 08:40:43 -0700, yezi a écrit:
     

    globally replace your tcpdump calls with a _tcpdump shell script
    spawning the tcpdump with a trigger on timeout ...

    One small script, one global replace, shorter than to introduce
    time slips bugs in the code ;-)
    Loki Guest

  7. #7

    Default Re: How to let the tcpdump automatically stop listening?

    In article <7HpZe.2012$%bellsouth.net>,
    tnolan.com (Ted Nolan <tednolan>) wrote:
     
    > >
    > >It sounds like you're looking for an idle timeout in tcpdump. I don't
    > >think it has such an option.
    > >[/ref]
    >
    > But it wouldn't be too hard to spawn it from a shell script that keeps
    > the pid and kills it after x seconds in all cases..[/ref]

    He doesn't want to kill it after x seconds, only if x seconds go by with
    no packets from the given source address.

    I think the way to do this would be spawn tcpdump in the background,
    having it write to a file. Then check every x seconds to see if the
    file's modification time has changed; if not, kill tcpdump and return.

    --
    Barry Margolin, mit.edu
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    Barry Guest

  8. #8

    Default Re: How to let the tcpdump automatically stop listening?

    In article <dca.giganews.com>,
    Barry Margolin <mit.edu> wrote: 
    >>
    >> But it wouldn't be too hard to spawn it from a shell script that keeps
    >> the pid and kills it after x seconds in all cases..[/ref]
    >
    >He doesn't want to kill it after x seconds, only if x seconds go by with
    >no packets from the given source address.
    >
    >I think the way to do this would be spawn tcpdump in the background,
    >having it write to a file. Then check every x seconds to see if the
    >file's modification time has changed; if not, kill tcpdump and return.
    >[/ref]

    OK, I had a hard time parsing the desideratum.

    There mignt be some stdio buffering issues there. If it's writing
    stdout to a file, then probably -l for setting line buffering would
    work. If he wants a -w save file I don't see any way to make sure
    that gets flushed for each packet.


    Ted
    ted@loft.tnolan.com Guest

  9. #9

    Default Re: How to let the tcpdump automatically stop listening?

    In article <9eM_e.9104$bellsouth.net>,
    tnolan.com (Ted Nolan <tednolan>) wrote:
     

    I think tcpdump automatically flushes the file when it gets a SIGINT.
    That way you don't lose anything when you Ctl-C it.

    --
    Barry Margolin, mit.edu
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    Barry Guest

  10. #10

    Default Re: How to let the tcpdump automatically stop listening?

    In article <dca.giganews.com>,
    Barry Margolin <mit.edu> wrote: 
    >
    >I think tcpdump automatically flushes the file when it gets a SIGINT.
    >That way you don't lose anything when you Ctl-C it.
    >
    >--
    >Barry Margolin, mit.edu[/ref]

    But that's not the problem, unless I'm missing something. Suppose you
    get _one_ packet from your source. Tcpdump does an fwrite, but the stdio
    buffer isn't full so it doesn't get flushed to disk, and the file's
    mod-time (which the script is checking) doesn't change so tcpdump
    could get killed even though it got some traffic.

    Ted
    ted@loft.tnolan.com Guest

Similar Threads

  1. Stop Playing Flash Automatically
    By breeeed in forum Macromedia Flash Player
    Replies: 3
    Last Post: January 30th, 05:53 AM
  2. tcpdump & TCP
    By yezi in forum Linux / Unix Administration
    Replies: 2
    Last Post: August 17th, 04:35 AM
  3. Tcpdump and UDP request from ISP
    By Alain in forum Mac Networking
    Replies: 5
    Last Post: November 10th, 05:05 PM
  4. how can I stop oracle from listening to these ports
    By Didier in forum Oracle Server
    Replies: 2
    Last Post: October 20th, 04:22 PM
  5. tcpdump and libcap on AIX 4.3
    By Shaun Clowes in forum AIX
    Replies: 0
    Last Post: June 29th, 11:12 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139