I'm not a very experienced script writer at all. I did find some useful hints in generating a stdout from tcpdump that generates a live feed, if you will, which is what I want. The problem is handling the output and generating dig/DNS queries against another DNS server for a lab.
This gives me the output I'm looking for:
tcpdump -lvi any "udp port 53" 2>/dev/null|grep -E 'A\?'|awk '{print $(NF-1)}'
I've tried this, just testing adding the output into an array, but I get nothing:
declare -a testarr
testarr=( $(tcpdump -lvi any "udp port 53" 2>/dev/null|grep -E 'A\?'|awk '{print $(NF-1)}') )
echo ${testarr[@]}
I've also tried:
dig @1.1.1.1 $(tcpdump -lvi any "udp port 53" 2>/dev/null|grep -E 'A\?'|awk '{print $(NF-1)}')
Any help is appreciated.
This isn't working for me. I've tried to echo the output -t in case it was running in the background. I've confirmed the DNS server is not getting the queries but also confirmed I can make dig queries from this test host. How can I buffer awk? – carter – 2014-09-15T00:12:53.210
You should not buffer awk, quite the contrary: you should flush awk output. Also, you should not buffer tcpdump output with -l flag, and you should note that grep can buffer output too. I updated my answer to not use any buffers – Alexander Kudrevatykh – 2014-09-15T07:54:55.150
This seems to work: "sudo tcpdump -lvi any "udp port 53" 2>/dev/null|grep -E 'A?'|awk '{print $(NF-1); fflush(stdout) }' | xargs -n 1 dig @1.1.1.1"
This puts the prompt into > : "sudo tcpdump -lvi any "udp port 53" 2>/dev/null | awk ‘/A?/{print $(NF-1); fflush()}' | xargs -n 1 dig @1.1.1.1"
I think I have what I need. Do you think this can run in a background process with '%' ?
@AlexanderKudrevatykh – carter – 2014-09-15T11:31:50.830
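
An added example, not code from the thread: the flushed pipeline the comments converge on, using a read loop in place of xargs so each captured name is checked before it reaches dig, because names read off the wire are untrusted and dig treats arguments beginning with -, + or @ as options or a server. The function names, RELAY_CMD and the sample lines are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example, not from the thread. Function names, RELAY_CMD and the
# sample lines are constructed for illustration.

# Print the queried name from each A query line of `tcpdump -l -v` output.
# fflush() pushes every name down the pipe at once instead of waiting for
# awk's block buffer to fill.
extract_qnames() {
    awk '/ A\? /{ print $(NF-1); fflush() }'
}

# Names read off the wire are untrusted: accept only hostname characters
# and refuse a leading "-", so dig cannot take a name as an option
# ("+" and "@" are already outside the allowed set).
is_safe_qname() {
    case $1 in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Re-issue each name on stdin as an A query to the resolver given in $1.
# RELAY_CMD (hypothetical override) swaps dig for another command in tests.
relay_queries() {
    while IFS= read -r name; do
        if is_safe_qname "$name"; then
            ${RELAY_CMD:-dig} "@$1" "$name" A +short
        else
            printf 'skipped unsafe name: %s\n' "$name" >&2
        fi
    done
}

# Constructed lines in the shape tcpdump -v prints for DNS queries.
sample_capture() {
    cat <<'EOF'
    10.0.0.5.41000 > 10.0.0.1.53: [udp sum ok] 4660+ A? example.com. (29)
    10.0.0.5.41001 > 10.0.0.1.53: [udp sum ok] 4661+ AAAA? example.com. (29)
    10.0.0.5.41002 > 10.0.0.1.53: [udp sum ok] 4662+ A? -x. (20)
EOF
}

# Offline demo: echo stands in for dig, so nothing is sent.
sample_capture | extract_qnames | RELAY_CMD=echo relay_queries 1.1.1.1

# Live use in the lab (needs root for the capture):
#   tcpdump -lvi any "udp port 53 and not host 1.1.1.1" 2>/dev/null | extract_qnames | relay_queries 1.1.1.1
```

The `and not host 1.1.1.1` term in the live filter keeps dig's own queries to the lab resolver out of the capture, so the relay does not replay its own traffic.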