This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

piping tshark output to netcat / other networking utility

0

Hi folks,

I need to pipe the results of this:

  sudo tshark -I -l -q -i en1 -T fields -e wlan.sa_resolved -e wlan_mgt.ssid -e radiotap.dbm_antsignal "type mgt subtype probe-req" | sed -e 's:^:/:'

which look like this:

/00:15:99:b3:ec:e1  ZiggoDBD4C  -76
/00:15:99:b3:ec:e1  ZiggoDBD4C  -76
/00:15:99:b3:ec:e1  ZiggoDBD4C  -75

into a networking utility, such as netcat or sendOSC (I'm receiving the results in Puredata). When I try to run somthing like

sudo tshark -I -l -q -i en1 -T fields -e wlan.sa_resolved -e wlan_mgt.ssid -e radiotap.dbm_antsignal "type mgt subtype probe-req" | sed -e 's:^:/:' | nc localhost 9997

I get no output from tshark shown, though when I cancel the tshark scan I had definitely captured packets. Anyone know why this is?

asked 14 Mar '15, 03:22

youcloudsofddom's gravatar image

youcloudsofddom
16559
accept rate: 0%


One Answer:

2

Just like you need to make tshark line-buffered, you also need to make sed line-buffered for data to pass through the pipes real-time. Add -l to the sed command :-)

See this great article on the use of buffers while piping output. Just found it by googling, so thank you for your question ;-)

answered 14 Mar '15, 03:48

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

Ah, thank you again SYN-bit! That article was very useful - turns out what was needed was stdbuf -oL in with the sed command. Didn't even know that pipe had those issues. Thanks for all your help!

(14 Mar '15, 05:18) youcloudsofddom