Full Discussion: Stop tshark capture
Post 302800471 by oti on Tuesday 30th of April 2013 12:22:22 AM
Unfortunately, filtering offline is not an option either. The whole point is to model an ongoing scenario, and that has to happen in real time.

As I said I'm open to any solution so I don't need to rely exclusively on tshark. I tried something like this:

tshark -i any | grep DIAMETER | awk 'BEGIN {MESSAGES=0}; /DIAMETER/ {if (MESSAGES<=6) MESSAGES++; else exit;}; END {print MESSAGES}'

but that only stopped awk and not tshark. I think I could do a kill on wireshark PID instead of exiting awk but I don't know how to get tshark PID in this setup.

Thanks!
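
One way to get hold of the capture's PID in this situation, as an added example that is not part of the original post: run the capture in the background writing to a FIFO, so that `$!` is the capture process itself, count matching lines in the shell, and kill that PID once the limit is reached. The names `stop_after_matches`, `PRODUCER_PID` and the stand-in producer `fake_capture` are assumptions made for this example.

```shell
# Added example (not from the original post); all names here are hypothetical.
# stop_after_matches PATTERN LIMIT CMD [ARGS...]
# Runs CMD in the background writing to a FIFO, counts output lines that
# contain PATTERN, kills CMD once LIMIT matches were seen, prints the count.
PRODUCER_PID=

stop_after_matches() {
    pattern=$1 limit=$2
    shift 2
    count=0
    tmpdir=$(mktemp -d) || return 1
    fifo=$tmpdir/capture.fifo
    mkfifo "$fifo" || { rm -rf "$tmpdir"; return 1; }

    # Backgrounding CMD directly (no pipeline) makes $! the PID of CMD itself.
    "$@" > "$fifo" 2>/dev/null &
    PRODUCER_PID=$!

    while IFS= read -r line; do
        case $line in
            *"$pattern"*) count=$((count + 1)) ;;
        esac
        if [ "$count" -ge "$limit" ]; then break; fi
    done < "$fifo"

    # Stop the capture explicitly instead of waiting for it to hit SIGPIPE.
    kill "$PRODUCER_PID" 2>/dev/null || true
    wait "$PRODUCER_PID" 2>/dev/null || true
    rm -rf "$tmpdir"
    echo "$count"
}

# Constructed stand-in for a live capture so the function can be tried offline.
fake_capture() {
    while :; do
        echo "1 0.000 10.0.0.1 -> 10.0.0.2 DIAMETER 262 cmd=Credit-Control Request"
        echo "2 0.010 10.0.0.2 -> 10.0.0.1 TCP 66 ack"
    done
}

# Offline:  stop_after_matches DIAMETER 6 fake_capture
# Live:     stop_after_matches DIAMETER 6 tshark -l -i any   (-l flushes per packet)
```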
 
