Re: how to call tcpudmp rightly in the sh script with tcpdump expression

[Guy Harris <guy () alum mit edu>]

On Dec 28, 2008, at 5:30 PM, lijx wrote:

> The following call is wrong:
> ------------------------------------------------------------------
>
> #!/bin/sh
> parameters=" -s 96 \'ip host 192.168.0.80\'"
> tcpdump  $parameters   -n -w /opt/nec/wbmc/tcpdump/file.tmp

The filter expression is not specified with a command-line flag, so  
you have to specify it after the command-line flags, so try

        tcpdump -n -w /opt/nec/wbmc/tcpdump/file.tmp $parameters

> while i call this  command directly in the shell terminal,message as  
> the following can be seen:
>
> [root@test tcpdump]# tcpdump -t -s 96 'ip host 192.168.0.80 '   -n - 
> w /opt/nec/wbmc/tcpdump/file.tmp
> tcpdump: WARNING: eth0: no IPv4 address assigned
> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture  
> size 96 bytes
> tcpdump  -s 96 'ip host 192.168.0.80 '   -n -w /opt/nec/wbmc/tcpdump/ 
> file.tmp
>
> It seems it runs normally:
> [root@test ~]# !ps
> ps aux| grep tcpdump
> pcap     28708  1.5  0.5  4688 1044 pts/3    S+   07:41   0:00  
> tcpdump -t -s 96 ip host 192.168.0.80  -n -w /opt/nec/wbmc/tcpdump/ 
> file.tmp

I have no idea why that works - it doesn't work on my machine:

	$ tcpdump -t -s 96 'ip host 192.168.0.80 '   -n -w /opt/nec/wbmc/ 
tcpdump/file.tmp
        tcpdump: WARNING: en0: no IPv4 address assigned
        tcpdump: syntax error

I have to do

        $ tcpdump -t -s 96 -n -w /tmp/file.tmp 'ip host 192.168.0.80 '
        tcpdump: WARNING: en0: no IPv4 address assigned
	tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size  
96 bytes

(I don't have an "/opt/nece/wbmc/tcpdump" directory, so I used /tmp).
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.