From 00a7f64159c428c2389ba42fc6d6e887e7006acc Mon Sep 17 00:00:00 2001 From: Andrew McMillan Date: Wed, 14 Nov 2007 15:35:21 +1300 Subject: [PATCH] Tweaks to both of these programs. --- testing/sniffstream | 3 ++- testing/watch-port-80.sh | 24 +++++++++++++++++++++++- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/testing/sniffstream b/testing/sniffstream index 247bbd58..7d1f9bfe 100755 --- a/testing/sniffstream +++ b/testing/sniffstream @@ -53,9 +53,10 @@ while( ) { $source = $2; $dest = $3; } - elsif ( /^\s+(0x....):\s(( [0-9a-f]{4}){1,8})/ ) { + elsif ( /^\s+(0x....):\s(( [0-9a-f]{4}){1,8})/i ) { my $pos = hex($1); my $hex = $2; + next unless defined($hex); if ( $pos == 64 ) { $hex = substr( $hex, 10 ); diff --git a/testing/watch-port-80.sh b/testing/watch-port-80.sh index f57925f6..60cddf29 100755 --- a/testing/watch-port-80.sh +++ b/testing/watch-port-80.sh @@ -3,4 +3,26 @@ PORT=${1:-"80"} IFACE=${2:-"any"} -sudo tcpdump -i $IFACE -s0 -l -n -q -A "tcp port ${PORT} and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)" +# Only include packets that contain data +NOTSYNFIN=" and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)" +DUMP="tcp port ${PORT}" + +IPCLAUSE="" +if [ "${IFACE}" != "any" ]; then + IP="`ip addr show dev wlan0 | grep ' inet ' | tr -s ' ' | cut -f3 -d' ' | cut -f1 -d'/'`" + IPCLAUSE=" and ((src host ${IP} and src port ${PORT}) or (dst host ${IP} and dst port ${PORT}))" +fi + +DUMPFILE="dumps/`date '+%FT%T'`.dump" + +# touch "${DUMPFILE}" +sudo tcpdump -i $IFACE -s0 -l -n -q -A "${DUMP}${NOTSYNFIN}${IPCLAUSE}" >"${DUMPFILE}" 2>&1 & +DUMPPID="$!" + +less "${DUMPFILE}" + +sudo kill "${DUMPPID}" + +if [ "`stat --format='%s' \"${DUMPFILE}\"`" -le 230 ] ; then + rm "${DUMPFILE}" +fi