tcpdump抓包脚本
#!/bin/bash
#author fan
#for work 抓包工具
#date 2022-02-14
#指定网口
#net_po=eth0
net_po=ens33
#pcap保存路径
#save_path=/mydata/iwall/
save_path=/mnt/hgfs/IWALL_V2X_Security_Middleware/v2xtestsystem/tool
#pid
#pid_path=/mydata/iwall/
pid_path=/mnt/hgfs/IWALL_V2X_Security_Middleware/v2xtestsystem/tool
#保存格式
format=%Y_%m_%d-%H_%M_%S
#抓包的时长(-G秒)
th=300
#抓包的大小(-s 0,默认不限)
size=0
#一次抓多少包(-C,待补充暂不可用)
#once=
start_tcpdump()
{
cd $save_path
#后台执行tcpdump
#nohup /usr/sbin/tcpdump -i $net_po -s $size -G $th -w "$format".pcap > /dev/null &
nohup /usr/sbin/tcpdump -i $net_po -s $size -G $th -w "$format".pcap > /dev/null &
#/usr/bin/ps -ef |grep 'tcpdump -i' |grep -v grep |awk '{print $2}' > $pid_path/tcpdumpservice.pid
/bin/ps -ef |grep 'tcpdump -i' |grep -v grep |awk '{print $2}' > $pid_path/tcpdumpservice.pid
#num=`/usr/bin/ps -ef |grep 'tcpdump -i' |grep -v grep |wc -l`
num=`/bin/ps -ef |grep 'tcpdump -i' |grep -v grep |wc -l`
row=`cat $pid_path/tcpdumpservice.pid |wc -l`
#判断是否运行成功
if [ $num == $row ];then
echo 'tcpdump started'
else
echo "tcpdump is not running or here had some wrong!"
fi
}
stop_tcpdump()
{
#/usr/bin/kill -9 `cat $pid_path/tcpdumpservice.pid |xargs` > /dev/null
/bin/kill -9 `cat $pid_path/tcpdumpservice.pid |xargs` > /dev/null
#echo > $pid_path/tcpdumpservice.pid
#num=`/usr/bin/ps -ef |grep 'tcpdump -i' |grep -v grep |wc -l`
num=`/bin/ps -ef |grep 'tcpdump -i' |grep -v grep |wc -l`
if [ $num -eq 0 ];then
echo "tcpdumpservice stop"
else
echo "this some error"
fi
}
status_tcpdump()
{
trypid=`ps -ef |grep 'tcpdump -i' |grep -v grep |wc -l`
if [ $trypid -eq 0 ];then
echo "tcpdump is not running"
elif [ $trypid -eq 1 ];then
echo "tcpdump is running"
else
echo "I can't judgement"
echo "You can run 'ps -ef |grep tcpdump'.And judge in yourself!"
fi
}
case $1 in
start)
start_tcpdump;;
stop)
stop_tcpdump;;
status)
status_tcpdump;;
*)
echo "Pleae Enter Option [stop|start|status]"
esac*博客内容为网友个人发布,仅代表博主个人观点,如有侵权请联系工作人员删除。
