Processing Windump output by FOR loop on-the-fly

[Petr Laznovsky]

Trying to parse windump output and "realtime" display part of received packets, but it does not
work. Look like windump does not print necessary EOL characters to FOR loop recognize end-of-line.

I am able to realtime display packets received by windump and writed into the file by "tail -f
file.pcap" utility, but putting this command into FOR loop does not work too.

Is there any way to achive it?

Thanks, L.

[Batchman]

Petr Laznovsky wrote:

> Trying to parse windump output and "realtime" display part of received
> packets, but it does not work. Look like windump does not print necessary
> EOL characters to FOR loop recognize end-of-line.

A search for `wincap +format' found this (and much more)...

https://wiki.wireshark.org/Development/LibpcapFileFormat

Batchman



--- news://freenews.netfront.net/ - complaints: ne...@netfront.net ---

[Petr Laznovsky]

Dne 10.7.2016 v 2:52 Batchman napsal(a):

Same with PacketSender utility, author says program print out packets content when thay arrive. But
FOR loop process everything just after process terminate (this could be very long time in this case,
due to preset timeout). Is this behaviour property of FOR loop or am I doing something wrong?

L.