Send extra string netcat


I use tcpdump on OpenWrt to capture packets and send them to a Raspberry Pi with netcat. The problem is that I want to use multiple routers to capture the requests and forward them to the Raspberry Pi.

tcpdump -i wlan0 -e -s 256 -l type mgt subtype probe-req |nc 192.168.0.230 22222

And I receive the packet info with a Python script:

import socket

HOST = 'localhost'   # use '' to expose to all networks
PORT = 12345

def incoming(host, port):
  """Open specified port and return file-like object"""
  sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  # set SOL_SOCKET.SO_REUSEADDR=1 to reuse the socket if
  # needed later without waiting for timeout (after it is
  # closed, for example)
  sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  sock.bind((host, port))
  sock.listen(0)   # do not queue connections
  request, addr = sock.accept()
  return request.makefile('r', 0)
# /-- network ---


for line in incoming(HOST, PORT):
  print line,

output:

15:17:57 801928 3933710786us tsft 1.0 Mb/s 2412 Mhz 11b -38dB signal antanna 1 BSSID: broadcast SA:xxxx  ....

desired output:

192.168.0.130 15:17:57 801928 3933710786us tsft 1.0 Mb/s 2412 Mhz 11b -38dB signal antanna 1 BSSID: broadcast SA:xxxx  ....

But how can I add the IP address of the router to the command, so I can see which router received the packet? Or how can I just send an extra string like "router1" to identify the router?


Solution

  • You can send an extra string to the router with the script below:

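    #!/bin/bash

    # Extract wlan0's IPv4 address from the 'inet addr:<ip>  Bcast:<ip>' line of ifconfig
    ip=$(ifconfig wlan0 | grep cast | awk -F: '{print $2}' | awk '{print $1}')

    # Prefix each tcpdump line with the router IP and the current time, then forward it.
    # IFS= and -r keep leading whitespace and backslashes in the line intact.
    tcpdump -i wlan0 -e -s 256 -l type mgt subtype probe-req |
    while IFS= read -r line; do
        printf '%s %s %s\n' "$ip" "$(date +%T)" "$line"
    done | nc 192.168.0.230 22222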
    

    It will insert the IP address and a time stamp at the beginning of each line of tcpdump's output and pipe it to netcat.
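
An added example, not part of the original question or answer: a receiver for the Raspberry Pi that accepts several routers at once and tags each line with the sender's address taken from the TCP connection itself, so the label does not depend on what the sender writes into the stream. The `ROUTERS` allowlist, its labels and the second address are constructed for illustration; connections from any other host are dropped.

```python
import socketserver

# Constructed allowlist: source address of each capture router -> label.
ROUTERS = {"192.168.0.130": "router1", "192.168.0.131": "router2"}


def tag_line(label, peer_ip, line):
    """Prefix one tcpdump line with the identity derived from the connection."""
    return f"{label} {peer_ip} {line}"


class TaggingHandler(socketserver.StreamRequestHandler):
    """Runs once per connected router, in its own thread."""

    def handle(self):
        peer_ip = self.client_address[0]
        label = self.server.routers[peer_ip]
        for raw in self.rfile:  # one tcpdump line per iteration
            line = raw.decode("utf-8", errors="replace").rstrip("\r\n")
            if line:
                self.server.sink(tag_line(label, peer_ip, line))


class Collector(socketserver.ThreadingTCPServer):
    allow_reuse_address = True  # same intent as SO_REUSEADDR in the question
    daemon_threads = True

    def __init__(self, addr, routers=ROUTERS, sink=print):
        self.routers = routers
        self.sink = sink  # callable that receives each tagged line
        super().__init__(addr, TaggingHandler)

    def verify_request(self, request, client_address):
        # Refuse connections from hosts that are not known capture routers.
        return client_address[0] in self.routers


if __name__ == "__main__":
    # '' listens on all interfaces; 22222 is the port the nc command targets.
    with Collector(("", 22222)) as server:
        server.serve_forever()
```

With this receiver each router can keep running the plain `tcpdump ... | nc 192.168.0.230 22222` pipeline from the question.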