0

I am using python to run tcpdump to capture some probe requests from my phone. Right now, I am just printing it to the console.

def dumpNexus(self):
        proc = subprocess.Popen(["sudo", "tcpdump", "-i", "mon.wlan0", "-e", "-s", "0", "type", "mgt", "subtype", "probe-req", "and", "ether host", "bc:f5:ac:f2:xx:xx"], stdout=subprocess.PIPE,)
        for line in iter(proc.stdout.readline,''):
            print proc.stdout.readline()

My problem is that when I run this program, it won't print all of the lines that are being written by tcpdump.
If I run the tcpdump command and compare its output the the python program, the python program has significantly fewer packets displayed.

tcpdump will state that it captured 28 packets but only 11 are outputted through the subprocess stdout.

Any ideas why this is happening?

thanks

Anthony Pham
  • 2,944
  • 5
  • 28
  • 37
user2413192
  • 59
  • 5

2 Answers2

3

The problem is you're calling readline() twice. First time inside of iter and then inside of the loop and so you end up ignoring the line returned by iter. A fix will be:

for line in iter(proc.stdout.readline, ''):
    print line

Or you can simply do:

for line in proc.stdout:
    print line
Ashwini Chaudhary
  • 217,951
  • 48
  • 415
  • 461
1

I believe that for something like this you want tcpdump to be in the "line buffered mode" - use the -l flag.

AMADANON Inc.
  • 5,391
  • 18
  • 30