I am running tcpdump
in a subprocess like this:
pcap_process = subprocess.Popen(['tcpdump', '-s 0', '-w -', 'tcp'],
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
The -w -
argument is important: it tells tcpdump
to print the resulting .pcap file to stdout
.
I then go on to access a website using urllib.open()
. After this is done, I would like to kill tcpdump
and put whatever it printed into a string. I have tried the following:
pcap_process.terminate()
result = pcap_process.stdout.read() # or readline(), etc.
But (unless I'm doing something wrong), that doesn't work; I killed the process, now there's nothing left to be read. If I use read()
or communicate()
before terminating, my script will just sit there and read on and on, waiting for tcpdump
to finish (which it won't).
Is there a way to do this (preferably without loops)?
Instead of using tcpdump, it's often advisable to use PCAP directly, or Scapy.
If that isn't an option, simply call communicate
after terminate
- killing a process does not kill data in the pipes to it. However, don't forget to separate arguments in the creation of the subprocess ([,'-w', '-']
instead of [... , '-w -', ..]
):
pcap_process = subprocess.Popen(['tcpdump', '-s', '0', '-w', '-', 'tcp'],
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With