Prompt for source and destinaiton when running tcpdump

[desperado618]

I would like to write a script that will prompt the user to supply the source and destination ip address to the following command:
tcpdump -nni eth1 src host <SRC> dst host <DST>

Other switches will be used but this is in its simplest form.
I believe I know how to prompt for either src or dst but I cannot figure out how to prompt for both and then input both into tcpdump. Heres what I have

echo "Please enter source address .\b\c"
read src

if [ $src = "REG EXP FOR IP ADDRESSES" ; then
tcpdump -nni eth1 src host $src
else
echo "Please enter a valid Ip address"
fi

 

[p5wizard]

If you know how to prompt for (and read) the variable src...

[tt]echo "Please enter source address .\b\c"
read src[/tt]

...it should be kind of trivial to prompt again (and read) another variable dst?

Testing to see if src and dst are valid IP addresses is something else though. Your [tt]if[/tt] statement won't cut it I'm afraid...


HTH,

p5wizard

 

[PHV]

In your shell man page have a look at the while ... do ... done command.

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886

 

[desperado618]

Im not sure how I would incorporate While, however would this work:

echo “source address?”
read SRC
echo “Destination address?”
read DST
do “tcpdump –nni eth1 src host $SRC dst host $DST”

 

[desperado618]

The above example does not work.

I get the following error prior to being prompted for an address:
: command not found:"

I am then prompted for the addresses and then ge the following error:
" : not a valid identifier: 'SRC"
" : command not found:"
Usage grep [option] etc

When I run the cat/grep line without a variable it works fine.

 

[desperado618]

correction
In order to test locally, I changed the tcpdump to a cat command on a file. The results are the errors above.

 

[elgrandeperro]

Please paste in the entire script. The "do" should be just "echo" for testing.

 

[p5wizard]

[tt]echo “source address?”
read SRC
echo “Destination address?”
read DST
do “tcpdump –nni eth1 src host $SRC dst host $DST”[/tt]

You're typing this in word/wordpad? Then cut/paste into unix script file?

This is messing up your double quotes and unix doesn't understand what you're throwing at it.

It should look like this:
[tt]echo [red]"[/red]source address?[red]"[/red]
read SRC
echo [red]"[/red]Destination address?[red]"[/red]
read DST
[blue]echo "[/blue]tcpdump –nni eth1 src host $SRC dst host $DST[blue]"[/blue][/tt]

After you're satisfied with the test, just leave out the blue parts...


HTH,

p5wizard

 

[desperado618]

THanks P5...I bet thats what it was...Ill update shortly when I have the opportunity to test.

Thanks.

 

[desperado618]

Same problem..See below.

[root@andLinux windows]# cat dumptest.txt
echo "source address?"
read SRC
echo "Destination address?"
read DST
echo "tcpdump nni eth1 src host $SRC dst host $DST"


[root@andLinux windows]# ./dumptest.txt
source address?
10.1.1.1
': not a valid identifieread: `SRC
Destination address?
10.2.2.2
': not a valid identifieread: `DST
tcpdump nni eth1 src host dst host

 

[desperado618]

Fixed...
I had to make the whole script in VI...Notepad was apparently still making formatting changes.
Thanks again.

 

[Annihilannic]

Notepad wasn't making formatting changes, it was saving files in DOS format, which use different line terminators. DOS uses two characters, CR and LF (carriage return and line feed) to end a line, Unix uses LF only.

Annihilannic.