问题描述
我在使用TCPDump的从我的Android的应用程序的问题。
它应该按行读取tcpdump的线路输出和我的应用程序中处理它。结果的问题是:的结果有时候code正常工作,它会立即读取捕获的数据包。但有时,的ReadLine块,直到我杀了tcpdump过程从Linux控制台(killall tcpdump的)。这样做之后,我的循环处理每行(有时10,有时1或2) - 这意味着,所述的readLine应该工作,但didn't。
结果
我读到类似的问题,但没有找到这个问题的任何解决方案...结果谢谢!
I have a problem using TCPDump from my Android-Application.It is supposed to read the output from tcpdump line by line and process it within my Application.
The Problem is:
Sometimes the code works fine, it reads the captured packets immediately. But sometimes, ReadLine blocks until I kill the tcpdump process from the Linux-Console (killall tcpdump). After doing that, my loop is processed for each line (sometimes 10, sometimes 1 or 2) - which means, the readLine should have worked, but didn´t.
I read about similar problems, but did not find any solution for this problem...
THANKS!!
public class ListenActivity extends Activity {
static ArrayList<Packet> packetBuffer = new ArrayList<Packet>();
static Process tcpDumpProcess = null;
static ListenThread thread = null;
public static final String TCPDUMP_COMMAND = "tcpdump -A -s0 | grep -i -e 'Cookie'\n";
private InputStream inputStream = null;
private OutputStream outputStream = null;
@Override
protected void onStart() {
super.onStart();
try {
tcpDumpProcess = new ProcessBuilder().command("su").redirectErrorStream(true).start();
inputStream = tcpDumpProcess.getInputStream();
outputStream = tcpDumpProcess.getOutputStream();
outputStream.write(TCPDUMP_COMMAND.getBytes("ASCII"));
} catch (Exception e) {
Log.e("FSE", "", e);
}
thread = new ListenThread(new BufferedReader(new InputStreamReader(inputStream)));
thread.start();
}
private class ListenThread extends Thread {
public ListenThread(BufferedReader reader) {
this.reader = reader;
}
private BufferedReader reader = null;
@Override
public void run() {
reader = new BufferedReader(new InputStreamReader(inputStream));
while (true) {
try {
String received = reader.readLine();
Log.d("FS", received);
Packet pReceived = Packet.analyze(received);
if (pReceived != null) {
packetBuffer.add(pReceived);
}
} catch (Exception e) {
Log.e("FSE", "", e);
}
}
}
}
}
推荐答案
由于发送到管道输出通常的块缓冲的,无论是的tcpdump 过程中的和的的的grep 进程将等待,他们已经收到足够的数据来打扰它发送到的您的程序,直到。你很幸运,虽然,你已经选择使用这两个程序都ppared修改其缓冲的行为(使用内部的 setvbuf用来(3)函数$ P $,如果你'再好奇详细信息):
Because output sent to pipes is usually block buffered, both the tcpdump process and the grep process will be waiting until they've received enough data to bother sending it onto your program. You're very lucky though, both programs you have chosen to use are prepared to modify their buffer behavior (using the setvbuf(3) function internally, in case you're curious about the details):
有关的tcpdump(8):
-l Make stdout line buffered. Useful if you want to see
the data while capturing it. E.g.,
``tcpdump -l | tee dat'' or ``tcpdump -l >
dat & tail -f dat''.
有关的grep(1):
--line-buffered
Use line buffering on output. This can cause a
performance penalty.
试试这个:
"tcpdump -l -A -s0 | grep --line-buffered -i -e 'Cookie'\n";
这篇关于READLINE上TCPDump的缓冲区有时会阻塞,直到杀的tcpdump的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!