tshark gives an invalid capture filter error

I want to capture packets between two hosts using a Python script. The function is as follows:

    import subprocess
    import sys
    import thread

    def wire_cap(IP1,IP2,op_fold,file_name,duration): # invoke tshark to capture traffic during session
        batcmd='"c:\\Program Files\\Wireshark\\tshark.exe" -i 1 src ' + str(IP1) + ' or src '+ str(IP2) +' -a duration:'+str(duration)+' -P -w '+ op_fold+file_name+'.pcap'
        p = subprocess.Popen(batcmd, shell=True,stderr=subprocess.PIPE)
        # relay tshark's stderr one byte at a time until the process exits
        while True:
            out = p.stderr.read(1)
            if out == '' and p.poll() != None:
                break
            if out != '':
                sys.stdout.write(out)
                sys.stdout.flush()
        thread.exit()

However, this gives the following error:
Capturing on 'Local Area Connection'
tshark: Invalid capture filter "src 172.28.3.87 or src 172.28.3.56 -a duration:40 -P -w C:\Python_Scripts\wire_capture.pcap" for interface 'Local Area Connection'!
That string isn't a valid capture filter (syntax error).
See the User's Guide for a description of the capture filter syntax.
0 packets captured
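At first I thought the problem was with the interface, because I pass "1", but after checking with Wireshark there seems to be no problem. I also verified against the official documentation. Every option I pass is fine.
I'm sure I'm missing something here. Any pointers would be very helpful.
Oh. That's helpful. Thank you very much. Your answer did the job!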
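
An added example, not part of the original post or its replies: tshark takes the capture filter either from `-f` or from whatever arguments remain after all options, which matches the error above, where everything after `-i 1` was read as the filter. The sketch below passes the filter through `-f`, builds an argument list instead of a shell string, and validates the inputs; the helper name `build_tshark_argv` and the validation rules are assumptions of this example.

```python
import ipaddress
import subprocess
from pathlib import PureWindowsPath

TSHARK = r"c:\Program Files\Wireshark\tshark.exe"  # install path from the question


def build_tshark_argv(ip1, ip2, out_dir, file_name, duration, interface="1"):
    """Return an argv list for tshark with the capture filter passed via -f."""
    # Only literal IP addresses may reach the filter; anything else raises ValueError.
    hosts = [ipaddress.ip_address(str(ip)) for ip in (ip1, ip2)]
    duration = int(duration)
    if duration <= 0:
        raise ValueError("duration must be a positive number of seconds")
    # Reject drive letters and path separators so the file stays inside out_dir.
    if file_name in ("", ".", "..") or PureWindowsPath(file_name).name != file_name:
        raise ValueError("file_name must be a bare file name")
    # "src host X" is the explicit form of the question's "src X".
    capture_filter = " or ".join("src host %s" % h for h in hosts)
    return [
        TSHARK,
        "-i", str(interface),
        "-f", capture_filter,  # a single argv element, so no quoting is needed
        "-a", "duration:%d" % duration,
        "-P",
        "-w", str(PureWindowsPath(out_dir) / (file_name + ".pcap")),
    ]


def wire_cap(ip1, ip2, out_dir, file_name, duration):
    """Run the capture, relay tshark's stderr, and return its exit code."""
    argv = build_tshark_argv(ip1, ip2, out_dir, file_name, duration)
    # A list with the default shell=False is not re-parsed by cmd.exe.
    proc = subprocess.Popen(argv, stderr=subprocess.PIPE, text=True)
    for line in proc.stderr:
        print(line, end="", flush=True)
    return proc.wait()
```
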