0

我正在尝试使用来自 JAVA 的 tshark 捕获数据包。[请在下面找到]

如果我尝试从终端(Ubuntu)的命令它的工作。但是从JAVA它的抛出错误tshark:

无效的 -o 标志 "column.format:""source","

我尝试了以下替代方法[错误消息相同]

String[] cmdArray = {"tshark -i any -o column.format:\"source, %s, srcport, %uS\" -f \"port 80 or port 443\""};

和这个:

String[] cmdArray = {"tshark -i any -o column.format:'source, %s, srcport, %uS' -f 'port 80 or port 443'"};


//CommandExc.java

import java.io.*;

import java.util.*;


public class CommandExc
{
public static void main (String args[])
 {

    //This worked Succcessfully
    //String[] cmdArray = {"tshark -D","sudo tshark -D"};

String[] cmdArray = {"tshark -i any -o column.format:\"\"source\", \"%s\",\"srcport\", \"%uS\"\" -f \"port 80 or port 443\""};

    for (String cmd: cmdArray) 
    {
         System.out.println("Executing command : "+cmd);
        try
        {
            Process proc = Runtime.getRuntime().exec(cmd); 
            BufferedReader in = new BufferedReader(new InputStreamReader(proc.getInputStream()));
            String str = in.readLine();
            while(str != null)
            {
                System.out.println(str);
                //  res += str + "\n";
                str = in.readLine();
            }
            in.close();          

            BufferedReader in2 = new BufferedReader(new InputStreamReader(proc.getErrorStream()));
            String str1 = in2.readLine();
            while(str1 != null)
            {
                System.out.println("Inside getErrorStream "+str1);
                //  res += str + "\n";
                str1 = in2.readLine();
            }
            in2.close();

            proc.waitFor();
            System.out.println("Exit value is : "+proc.exitValue());
            proc.destroy();
        }
        catch(IOException | InterruptedException e)
        {
            System.out.println("Exception on CommandExc class :" + e.toString());
                            e.printStackTrace();
        }
    } //end of for
  }
}
4

1 回答 1

0

有效。参考http://ask.wireshark.org/questions/17881/issue-with-tshark-o

Java 应用程序报告无效 -o 标志的问题是因为 Runtime.exec 方法的版本负责将提供的字符串拆分为单独的命令行参数。默认情况下,此方法使用空格、制表符、换行符、回车符和换页符。如您所见,由于 [column.format:\"\"source\",] [\"%s\",] 之间有一个空格字符,因此此版本的 exec 方法将它们视为 2 个不同的参数.

解决方案是使用另一个版本的 Runtime.exec 方法,它将系统命令和参数作为数组参数传入。因此,您可以手动拆分命令行参数并将它们定义为数组参数中的单独字符串,如下所示:

进程 proc = Runtime.getRuntime().exec(new String[] { "tshark", "-i", "any", "-o", "column.format:\"source\", \"%s\ ", \"srcport\", \"%uS\"", "-f", "端口 80 或端口 443"});

于 2013-01-24T12:31:00.463 回答