I am new to using subprocess calls. Please help me figure out the issue in the following script.
I am trying to write a new PCAP file (filter1.pcap) that would contain only packets from a specific IP address (ipadd) from a big set of packets from various IP addresses contained in a larger PCAP file (superset.pcap).
The error is: OSError: [Errno 36] File name too long
The code is as follows:
from subprocess import *
pcapfile = rdpcap("superset.pcap")
ipadd = "192.168.1.1"
fileout = "filter1.pcap"
command = "sudo tcpdump -w %s -r %s src %s" %(fileout,pcapfile,ipadd)
subprocess.call( [command] )
BTW the below command in Linux works perfectly fine:
sudo tcpdump -w filter1.pcap -r superset.pcap src 192.168.1.1
Any help would be great!
Thank you, cks
This is resolved. There was a logical error here. I was reading the complete PCAP file using rdpcap and passing the value to tcpdump. So tcpdump was reading the complete file itself as the file name.
I changed the code as below and it's working now!
import os.path
pcapfile = "superset.pcap"
ipadd = "192.168.1.1"
fileout = "filter1.pcap"
command = "sudo tcpdump -w %s -r %s src %s" %(fileout,pcapfile,ipadd)
os.system(command)
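An added example, not part of the original posts: the same tcpdump invocation run through subprocess with one list element per argument, so no shell parses the string and the source address is validated before it reaches the filter expression. The function names build_tcpdump_argv and filter_pcap are hypothetical; the file names and address are the ones from the thread.

```python
import ipaddress
import subprocess


def build_tcpdump_argv(infile, outfile, src_ip):
    """Return the argv list for the tcpdump command shown in the thread."""
    # Only a literal IP address may reach the capture filter expression.
    ip = ipaddress.ip_address(src_ip)  # raises ValueError on anything else
    for name in (infile, outfile):
        # A leading '-' would be parsed by tcpdump as an option, not a file.
        if not name or name.startswith("-"):
            raise ValueError("unsafe file name: %r" % name)
    # One list element per argument: no shell, no quoting, no word splitting.
    # subprocess.call([command]) with the whole string as a single element
    # makes that string the program name, which is not what is wanted here.
    return ["sudo", "tcpdump", "-w", outfile, "-r", infile, "src", str(ip)]


def filter_pcap(infile, outfile, src_ip):
    """Run tcpdump without a shell; raises CalledProcessError on failure."""
    argv = build_tcpdump_argv(infile, outfile, src_ip)
    return subprocess.run(argv, check=True).returncode


if __name__ == "__main__":
    # Prints the argument list only; call filter_pcap() to actually run it.
    print(build_tcpdump_argv("superset.pcap", "filter1.pcap", "192.168.1.1"))
```
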