tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BUG FOUNDED (CANT STOP PROCESS)

From: Guy Harris <guy () alum mit edu>
Date: Wed, 7 Dec 2016 15:50:59 -0800
On Nov 28, 2016, at 3:39 PM, Sergio Garcia Gutierrez <sgarcia.app () gmail com> wrote:


When i execute this line "sudo tcpdump -vvv dst host 'your IP' & port 80"
You CANT STOP TCPDUMP using "Ctrl + C".


That's because you made it a background job.

If you type the command

        sudo tcpdump -vvv dst host 'your IP' & port 80

that's interpreted by the shell as the two commands

        sudo tcpdump -vvv dst host 'your IP'

and

        port 80

with an "&" between them.  The "&" means "put the command typed before it into the background, so it runs the command

        sudo tcpdump -vvv dst host 'your IP'

in the background, and then runs the command

        port 80


So i closed terminal and opened new one. I exectued again the same code and
it says to me:

CANT FIND ORDER «port», YOU MAY SAY:
The order «prt» of package «prt» (universe)
The order «pork» of package «pork» (universe)
The order «psort» of package «radiance» (universe)
The order «poet» of package «libpoet-perl» (universe)
The order «sort» of package «coreutils» (main)
port: Cant find an order


It's complaining about the command "port 80"; I guess "port" is a valid command, but "80" isn't a valid argument to it.


[1]+  STOPPED                sudo tcpdump -vvv dst host 'your IP'

[1]-  STOPPED                sudo tcpdump -vvv dst host 'your IP'

[2]+  STOPPED                sudo tcpdump -vvv dst host 'your IP'


That says that there are two

        sudo tcpdump -vvv dst host 'your IP'

commands running in the background.

You need to move them to the foreground to terminate them:

        fg %2

moves the [2] command to the foreground; type ^C.

Then do

        fg %1

to move the [1] command to the foreground, and type ^C.

*Then*, what you need to do is

        sudo tcpdump -vvv "dst host 'your IP' & port 80"

putting the entire filter in quotes, so "&" is treated as part of the filter, rather than as a "put the command in the 
background" indication to the shell, or do

        sudo tcpdump -vvv dst host 'your IP' and port 80

which avoids using "&" - "and" will be treated as part of the filter, rather than as a "put the command in the 
background" indication to the shell.
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Previous By Date Next
Previous By Thread Next

Current thread: