Solved

In python how can I redirect the output from tcpdump to a variable

Posted on 2015-01-18
2
1,486 Views
Last Modified: 2015-01-19
Greetings,

I am looking for a way to make this work in python,

f=os.system("tcpdump -l src 172.16.0.3 and dst 172.16.0.33")
print "Dump is ", f

I will then process 'f' downstream of this

This produces an output of tcpdump to the console but nothing to the 'f' string

Thanks,
Ron
0
Comment
Question by:RonWensley
2 Comments
 
LVL 25

Accepted Solution

by:
clockwatcher earned 500 total points
ID: 40556771
I think you'd be much better served by going with a pcap module (https://code.google.com/p/pypcap/) but you can give this a try:
import StringIO
import sys
import shlex
import subprocess
cmd = "/usr/sbin/tcpdump -l src 172.16.0.3 and dst 172.16.0.33"
args = shlex.split(cmd)
tcpdump = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
print "Press CTRL-C to stop tcpdump"
output = StringIO.StringIO()
running = True
while running:
    try:
        data = tcpdump.stdout.readline()
        if len(data):
            output.write(data)
        else:
            running = False
    except KeyboardInterrupt:
        tcpdump.kill()
        data = tcpdump.stdout.readline()
        if len(data):
            output.write(data)
        running = False

lines = output.getvalue().split("\n")
for i, line in enumerate(lines):
    print "{0} => {1}".format(i, line)

Open in new window

0
 

Author Closing Comment

by:RonWensley
ID: 40558346
Thanks for the quick reply.  This is working out great.  I will have a look at the link you offered and see how that can be used.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is an explanation of a simple data model to help parse a JSON feed
A short article about problems I had with the new location API and permissions in Marshmallow
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now