抓包脚本

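#!/bin/bash
# Poll 172.30.3.198:6011 with curl every 2 seconds. While the probe fails,
# run a tcpdump of traffic from 172.30.4.152 to 172.30.3.198; once the probe
# succeeds again, stop the capture and rotate the .cap file with a timestamp.
# tcpdump needs root (or CAP_NET_RAW). Writes ./status.log and
# ./status_error.log in the current directory.
set -u

readonly target='172.30.3.198'
readonly target_url="${target}:6011"
readonly capture_src='172.30.4.152'
readonly capture_file='./server_152.cap'
readonly interval=2

# PID of the tcpdump started by this script; empty when no capture is running.
# Tracking our own PID via $! instead of grepping `ps aux` fixes the original
# lookup (its awk pattern /^tcpdump/ matched the USER column, so the PID was
# always empty and the capture was never stopped) and guarantees we only ever
# signal a tcpdump we started ourselves, never one belonging to someone else.
tcpdump_pid=''

#######################################
# Append a timestamped line to a log file.
# Arguments: $1 - log file path; $2 - iteration counter; $3 - message
#######################################
log_line() {
  printf '%s %s %s\n' "$2" "$(date +"%Y-%m-%d %T")" "$3" >>"$1"
}

#######################################
# True when the capture started by this script is still alive.
# Globals: tcpdump_pid (read)
#######################################
capture_running() {
  [[ -n "$tcpdump_pid" ]] && kill -0 "$tcpdump_pid" 2>/dev/null
}

#######################################
# Start the capture unless one is already running.
# Globals: tcpdump_pid (written)
#######################################
start_capture() {
  capture_running && return 0
  tcpdump src host "$capture_src" and dst host "$target" -w "$capture_file" &
  tcpdump_pid=$!
}

#######################################
# Stop the running capture (if any), wait for it to flush, then rotate the file.
# Globals: tcpdump_pid (read, then cleared)
#######################################
stop_capture() {
  if capture_running; then
    kill "$tcpdump_pid" >/dev/null 2>&1
    # wait so the .cap file is completely written before it is renamed
    wait "$tcpdump_pid" 2>/dev/null
  fi
  tcpdump_pid=''
  if [[ -f "$capture_file" ]]; then
    mv -- "$capture_file" "./server_$(date +%F-%T)_152.cap"
  fi
}

# Do not leave a capture running if the script itself is terminated.
trap 'stop_capture; exit' INT TERM

n=1
while true; do
  # --max-time bounds the probe so a hung connection cannot stall the loop
  if curl --silent --max-time 10 "$target_url" >/dev/null 2>&1; then
    stop_capture
    log_line ./status.log "$n" "---curl ${target} ok..."
  else
    log_line ./status_error.log "$n" "---curl ${target} false..."
    start_capture
  fi
  n=$((n + 1))
  sleep "$interval"
done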

 
