Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

pipe operator for windows

by paidcritic (Initiate)
on Mar 02, 2015 at 03:31 UTC ( [id://1118356]=perlquestion: print w/replies, xml ) Need Help??

paidcritic has asked for the wisdom of the Perl Monks concerning the following question:

I am running Win7 and using Strawberry Perl. I am trying to use tshark (the tshark command works from the command line fine) and perl to 'dechunk' the 1 to 3 DIAMETER messages that can be included in a single TCP frame into separate rows in the output file. I get an 'tshark illegal command' message. The error I get is "tshark: An error occurred while printing packets: Invalid argument" This suggests the problem is the 'pipe' operator on line 41 - the '$tsharkcmd .= " -r $input |";' line since this is the only difference from executing the command manually. I cannot seem to find any information on what to replace this with so it will work on a Windows system. 

use strict;

#
# extract DIAMETER chunks into separate rows in a file for analysis
# this version for TCP based DIAMETER interfaces (SWx, STa, Gx, Gxa, S
+6b
#

my %columns = (
# frame
0=>"frame.time",
1=>"frame.number",
2=>"frame.len",
3=>"ip.src",
4=>"tcp.srcport",
5=>"ip.dst",
6=>"tcp.dstport",
# data
7=>"diameter.applicationId",
8=>"diameter.Session-Id",
9=>"diameter.Origin-Host",
10=>"diameter.Destination-Host",
11=>"diameter.User-Name",
12=>"diameter.cmd.code",
13=>"diameter.flags.request",
14=>"diameter.flags.T",
15=>"diameter.Result-Code",
);
print "Start: ", time(), "\n";
my $et = time();
my $framecounter;
my $chunkcounter;

# input and output files
my $input = $ARGV[0];
my $output = $input . ".txt";

my $tsharkcmd = q[c:/progra~1/wireshark/tshark.exe -n -2 -t e -T field
+s];
foreach (sort {$a <=> $b} keys %columns) {
    $tsharkcmd .= " -e $columns{$_}";
}
$tsharkcmd .= " -r $input |";
print "\n", $tsharkcmd, "\n\n";

# open filehandles
open OUT, ">$output" or die "cannot open $output: $!\n";
open TSHARK, $tsharkcmd or die "cannot open tshark: $!\n"; 

# dechunking starts here
# 

print "\nFinished: ", time(), "\n";
$et = time() - $et;
print "elapsed time: $et\n";
my $fps = $framecounter / $et;
my $cps = $chunkcounter / $et;
print "frames processed: $framecounter ($fps/sec)\n";
print "chunks processed: $chunkcounter ($cps/sec)\n";

[download]

Replies are listed 'Best First'.
Re: pipe operator for windows
by NetWallah (Canon) on Mar 02, 2015 at 05:21 UTC
    Have you tried: 
    use warnings;

    [download]
    ?

    As written, your code expects a parameter to be passed specifying what gets passed to the -i option (The interface name).

    I suspect if that is not specified, you could get the error you are seeing.

    So, in addition to BrowserUk's advice, please show the value of $input.(It should be printed as a part of the command line).

            "You're only given one little spark of madness. You mustn't lose it."         - Robin Williams

[reply]
[d/l]
Re: pipe operator for windows
by BrowserUk (Patriarch) on Mar 02, 2015 at 03:47 UTC

    Copy&paste the output from this line:

    print "\n", $tsharkcmd, "\n\n";

    [download]
    With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    "Science is about questioning the status quo. Questioning authority". I'm with torvalds on this
    In the absence of evidence, opinion is indistinguishable from prejudice. Agile (and TDD) debunked
[reply]
[d/l]
Re: pipe operator for windows
by graff (Chancellor) on Mar 02, 2015 at 07:43 UTC
    If the error message you've quoted is all that you're seeing ("tshark: An error occurred while printing packets: Invalid argument"), that strikes me as really poor error reporting by the tshark author(s). You should follow BrowserUK's advice, and when you see the contents of $tsharkcmd as printed by your script, you should copy/paste that string onto the command line to run it manually and see if you get the same error message.

    I looked up the tshark man page, and it seems like your command-line string should be ok, unless (a) as suggested by NetWallah, you forgot to provide an input file name when you ran your script, or (b) you've provided an input file name that doesn't exist (or couldn't be found by tshark, because you didn't provide the correct path as part of the file name), or (c) any of the 15 strings you're using as values for "-e" options happens to be incorrect.

    As for your two "open" statements, did you leave out some lines of code in what you've posted? If not, then your script isn't really finishing the job: you need to read from the TSHARK file handle, and write to the OUT file handle, but there's nothing in the OP code to do that.

    Actually, you don't need to use file handles at all; just append " > $output" at the end of the command-line string, and do: 

    system( $tsharkcmd );

    [download]
[reply]
[d/l]
[select]
Re: pipe operator for windows
by VinsWorldcom (Prior) on Mar 02, 2015 at 15:48 UTC

    A bit of a tangent, but Net::Frame would make this much easier for you.

[reply]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlquestion [id://1118356]
Approved by vinoth.ree
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others learning in the Monastery: (5)
As of 2024-04-18 15:10 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found