
I have the following TcpDump command written in Python, but it doesn't give me any output file with the requested packets, although I have TcpDump installed and tested on my Ubuntu VM:

    command = 'sudo /usr/sbin/tcpdump -i eth1 {} -c {} -s 0  -w {}'\
            .format( 'tcp host 10.0.2.15','30000',
                    '/home/results/xyz.pcap')
  • If you're using Python to perform tcpdump, you might find the Scapy project interesting: http://www.secdev.org/projects/scapy/ , specifically the `sniff` function. – Alex Woolford May 25 '15 at 22:11
  • Thanks for the suggestion; Scapy is very interesting. Nevertheless, the requirement is to use tcpdump. – Mohammad Alqahtani May 27 '15 at 16:38

1 Answer

    cat test.py
      import os
      command = '/usr/sbin/tcpdump -i eth1 {} -c {} -s 0  -w {}'.format( 'host 192.168.254.74','30000','res.pcap')
      print(command)
      os.system(command)

    sudo python test.py
      /usr/sbin/tcpdump -i eth1 host 192.168.1.10 -c 30000 -s 0 -w res.pcap
      tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 10 bytes
      ^C0 packets captured
      6 packets received by filter
      0 packets dropped by kernel

    ls -l | grep test
      -rw------- 1 admin admin        155 Dec  2 23:05 test.py

Seems to work just fine for me. The test file is 'test.py'. I run it under sudo and exit after some time. I can see that 6 packets were captured and the file size is > 0. Make sure the command itself runs properly outside of python.

Maria
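An added example, not code from the question or the answer: the same capture started from Python with an argument list instead of a formatted shell string, so the filter text is never interpreted by a shell, and with tcpdump's exit code and stderr returned so a failed capture explains itself. The function names `build_tcpdump_argv` and `run_capture` are hypothetical; the interface, filter, count and path are the ones from the question.

```python
import os
import re
import subprocess
import sys

# Linux interface names are at most 15 characters; reject anything unusual.
IFACE_RE = re.compile(r"[A-Za-z0-9_.:-]{1,15}")


def build_tcpdump_argv(iface, bpf_filter, count, out_path,
                       tcpdump="/usr/sbin/tcpdump"):
    """Return an argv list for tcpdump; nothing here passes through a shell."""
    if not IFACE_RE.fullmatch(iface):
        raise ValueError("bad interface name: %r" % iface)
    count = int(count)
    if count <= 0:
        raise ValueError("packet count must be positive")
    out_path = os.path.abspath(out_path)
    out_dir = os.path.dirname(out_path)
    if not os.path.isdir(out_dir):
        raise FileNotFoundError("output directory missing: " + out_dir)
    # "--" ends option parsing, so the filter can never be read as a flag.
    return [tcpdump, "-i", iface, "-c", str(count), "-s", "0",
            "-w", out_path, "--", bpf_filter]


def run_capture(argv, out_path):
    """Run argv, wait for it, and report (exit code, stderr, pcap size)."""
    proc = subprocess.run(argv, stderr=subprocess.PIPE,
                          universal_newlines=True)
    size = os.path.getsize(out_path) if os.path.exists(out_path) else 0
    return proc.returncode, proc.stderr.strip(), size


if __name__ == "__main__":
    # Values from the question; run the script itself under sudo.
    out = "/home/results/xyz.pcap"
    try:
        argv = build_tcpdump_argv("eth1", "tcp host 10.0.2.15", 30000, out)
        code, err, size = run_capture(argv, out)
    except (ValueError, OSError) as exc:
        sys.exit("capture not started: %s" % exc)
    print("exit=%d bytes=%d" % (code, size))
    if code != 0 or size == 0:
        sys.exit("tcpdump reported: " + err)
```

The call blocks until tcpdump has written the requested number of packets or is interrupted, as in the session above.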