I have basically two lines of code which are:

tcpdump -i eth0 -s 65535 -w - >/tmp/Captures

tshark -i /tmp/Captures -T pdml >results.xml

If I run them both in separate terminals it works fine.

However, I've been trying to create a simple bash script that will execute them at the same time, but have had no luck. The bash script is as follows:

#! /bin/bash
tcpdump -i eth0 -s 65535 -w - >/tmp/Captures &

tshark -i /tmp/Captures -T pdml >results.xml &

If anyone could possibly help in getting this to work or getting it to "run tcpdump until a key is pressed, then run tshark, then when a key is pressed again, close."

I have only a little bash scripting experience.

Robert Harvey
InvertReality

1 Answer

Do you need to run tcpdump and tshark separately? Using a pipe command will feed the output of tcpdump to the input of tshark.

tcpdump -i eth0 -s 65535 -w - | tshark -i - -T pdml > results.xml
suspectus
  • For that matter, why run `tcpdump` at all? Just allow `tshark` to do the capturing and format the output... – twalberg Feb 21 '13 at 22:43
  • Thanks for the reply. That worked a treat! I can't believe I didn't think of that. Also thanks twalberg for the input, but it is for a little project I am working on and I need to use both tcpdump and tshark. :) – InvertReality Feb 21 '13 at 22:58
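
The "capture until a key is pressed, then run tshark" workflow the question asks about, as an added example that is not part of the original question or answers. It waits for Enter rather than any key, stops tcpdump with SIGTERM so the file is flushed, and decodes the finished file with `tshark -r`; the function name `capture_then_decode` and the `TCPDUMP`/`TSHARK` override variables are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Assumption: tcpdump and tshark are on PATH; override via TCPDUMP / TSHARK.
TCPDUMP=${TCPDUMP:-tcpdump}
TSHARK=${TSHARK:-tshark}

# capture_then_decode IFACE PCAP_FILE XML_FILE
capture_then_decode() {
    iface=$1 pcap=$2 xml=$3

    # Full-length captures hold payloads; keep the files private to this user.
    umask 077

    # -w FILE writes raw pcap; -U flushes every packet to the file as it arrives.
    "$TCPDUMP" -i "$iface" -s 65535 -U -w "$pcap" &
    cap_pid=$!
    # Do not leave the capture running if the script itself is interrupted.
    trap 'kill "$cap_pid" 2>/dev/null' INT TERM

    printf 'Capturing on %s, press Enter to stop.\n' "$iface" >&2
    read -r _ || true                     # EOF on stdin also ends the capture

    # SIGTERM makes tcpdump close the file cleanly before exiting.
    kill "$cap_pid" 2>/dev/null || true
    wait "$cap_pid" 2>/dev/null || true
    trap - INT TERM

    if [ ! -s "$pcap" ]; then
        echo "nothing was captured in $pcap" >&2
        return 1
    fi

    # -r reads a finished capture file; it ends by itself at end of file,
    # so no second key press is needed.
    "$TSHARK" -r "$pcap" -T pdml > "$xml"
}

# Run directly as: script.sh eth0 /tmp/Captures results.xml
if [ "$#" -eq 3 ]; then
    capture_then_decode "$@"
fi
```

Unlike the two backgrounded commands in the question, tshark here only starts once tcpdump has exited, so it never reads a half-written file.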