tcpdump with -w -C -G and -z options - gzip

I'm trying to take continuous traces which are written to files that are limited by both duration (-G option) and size (-C option). The files are automatically named with the -w option, and finally the files are compressed with the -z gzip option. Altogether what I have is:
tcpdump -i eth0 -w /home/me/pcaps/MyTrace_%Y-%m-%d_%H%M%S.pcap -s 0 -C 100 -G 3600 -Z root -z gzip &
The problem is that with the -C option, the current file count is appended onto the name, so I wind up with files ending in: .pcap2.gz .pcap3.gz .pcap4.gz, etc. I would much prefer to have them end as: _2.pcap.gz _3.pcap.gz _4.pcap.gz, etc.
But if I remove .pcap from the -w option, I wind up with 2.gz 3.gz 4.gz
This could work if I could include options in the "-z" command like -z "gzip -S .pcap.gz" so that gzip itself appends the .pcap or if I could use an alias like pcap_gzip="gzip -S .pcap.gz" and then -z pcap_gzip, but neither option seems to be working, the latter producing this error: compress_savefile:execlp(gzip -S pcap.gz, /home/me/pcaps/MyTrace_2018-08-07_105308_27): No such file or directory

I encountered the same problem today, In CentOS6. I found your problem, but the answer did not work to me.
In fact, it only needs to be adjusted slightly, that is, the absolute path of the saved file name and the name of the script to be executed is written, for example
tcpdump -i em1 ... -s 0 -G 10 -w '/home/Svr01_std_%Y%m%d_%H%M%S.pcap' -Z root -z /home/pcapup2arcive.sh

I found out that although the alias doesn't work, I was able to put the same commands in a script and invoke the script via tcpdump -z.
pcap_gzip.sh:
#!/bin/bash
gzip -S .pcap.gz "$#"
Then:
tcpdump -i eth0 -w /home/me/pcaps/MyTrace_%Y-%m-%d_%H%M%S -s 0 -C 100 -G 3600 -Z root -z pcap_gzip.sh &

Related

Escaping karate.fork Commands

I am trying to run the following command in karate using karate.fork
ssh -o ProxyCommand="ssh -W %h:%p -i ~/.ssh/id_rsa root#myjumphost" -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no -o PasswordAuthentication=no root#finaldest echo test
I have broken this up into an array to pass to karate.fork like so:
[
ssh,
-o,
ProxyCommand="ssh -W %h:%p -i ~/.ssh/id_rsa root#myjumphost",
-i,
~/.ssh/id_rsa,
-o,
StrictHostKeyChecking=no,
-o,
PasswordAuthentication=no,
root#finaldest,
echo test
]
Then run the command like so:
* karate.fork(args) where args is the array mentioned above
The command works when I paste it into the terminal and run it manually, however when run with karate.fork I get
zsh:1: no such file or directory: ssh -W finaldest:22 -I ~/.ssh/id_rsa root#myjumphost
kex_exchange_identification: Connection closed by remote host
I have tried adding a few backslashes before the " in the ProxyCommand but no amount of back slashes fixes this issue. I think I am misunderstanding what karate.fork is doing to run the command, is there some internal parsing or manipulating of the given input? I was able to get this command to work when I used useShell: true however this option breaks other tests for me so I would really like to avoid it.
I had to remove the double quotes, seems like they didn't play well with karate.fork and the command still runs without them
[
ssh,
-o,
ProxyCommand=ssh -W %h:%p -i ~/.ssh/id_rsa root#myjumphost,
-i,
~/.ssh/id_rsa,
-o,
StrictHostKeyChecking=no,
-o,
PasswordAuthentication=no,
root#finaldest,
echo test
]

How to enable sshpass output to console

Using scp and interactively entering the password the file copy progress is sent to the console but there is no console output when using sshpass in a script to scp files.
$ sshpass -p [password] scp [file] root#[ip]:/[dir]
It seems sshpass is suppressing or hiding the console output of scp. Is there a way to enable the sshpass scp output to console?
After
sudo apt-get install expect
the file send-files.exp works as desired:
#!/usr/bin/expect -f
spawn scp -r $FILES $DEST
match_max 100000
expect "*?assword:*"
send -- "12345\r"
expect eof
Not exactly what was desired, but better than silence:
SSHPASS="12345" sshpass -e scp -v -r $FILES $DEST 2>&1 | grep -v debug1
Note that -e is considered a bit safer than -p.
Output:
Executing: program /usr/bin/ssh host servername, user username, command scp -v -t /src/path/dst_file.txt
OpenSSH_6.6.1, OpenSSL 1.0.1i-fips 6 Aug 2014
Authenticated to servername ([10.11.12.13]:22).
Sending file modes: C0600 590493 src_file.txt
Sink: C0600 590493 src_file.txt
Transferred: sent 594696, received 2600 bytes, in 0.1 seconds
Bytes per second: sent 8920671.8, received 39001.0
In this way:
output=$(sshpass -p $PASSWD scp -v $filename root#192.168.8.1:/root 2>&1)
echo "Output = $output"
you redirect the console output in variable output.
Or, if you only want to see the console output of scp command, you should add only -v command in your ssh pass cmd:
sshpass -p $PASSWD scp -v $filename root#192.168.8.1:/root

Run RapSearch-Program with Torque PBS and qsub

My problem is that I have a cluster-server with Torque PBS and want to use it to run a sequence-comparison with the program rapsearch.
The normal RapSearch command is:
./rapsearch -q protein.fasta -d database -o output -e 0.001 -v 10 -x t -z 32
Now I want to run it with 2 nodes on the cluster-server.
I've tried with: echo "./rapsearch -q protein.fasta -d database -o output -e 0.001 -v 10 -x t -z 32" | qsub -l nodes=2 but nothing happened.
Do you have any suggestions? Where I'm wrong? Help please.
Standard output (and error output) files are placed in your home directory by default; take a look. You are looking for a file named STDIN.e[numbers], it will contain the error message.
However, I see that you're using ./rapsearch but are not really being explicit about what directory you're in. Your problem is therefore probably a matter of changing directory into the directory that you submitted from. When your terminal is in the directory of the rapsearch executable, try echo "cd \$PBS_O_WORKDIR && ./rapsearch [arguments]" | qsub [arguments] to submit your job to the cluster.
Other tips:
You could add rapsearch to your path if you use it often. Then you can use it like a regular command anywhere. It's a matter of adding the line export PATH=/full/path/to/rapsearch/bin:$PATH to your .bashrc file.
Create a submission script for use with qsub. Here is a good example.

find and replace with variables

I'm trying to find and replace with variables, but it doesn't work.
Here is the code. I need to append -C -w 10% -c 5% -p /u0 to append to the end of a matching line. I do not know how to suppress the (-) Any ideas? Thank you.
OLD=$(command[check_disk]=/usr/local/nagios/libexec/check_disk -w 10% -c 5% -p / -p /var -p /tmp -p /home -p /boot -p /usr -A -e)
NEW=$(command[check_disk]=/usr/local/nagios/libexec/check_disk -w 10% -c 5% -p / -p /var -p /tmp -p /home -p /boot -p /usr -A -e -C -w 10% -c 5% -p /u0)
sed -i "s/$OLD/$NEW/" /home/scripts/nrpe.cfg
Try this (assumes bash):
OLD='command[check_disk]=/usr/local/nagios/libexec/check_disk -w 10% -c 5% -p / -p /var -p /tmp -p /home -p /boot -p /usr -A -e'
NEW='command[check_disk]=/usr/local/nagios/libexec/check_disk -w 10% -c 5% -p / -p /var -p /tmp -p /home -p /boot -p /usr -A -e -C -w 10% -c 5% -p /u0'
oldEscaped=$(sed 's/[^^]/[&]/g; s/\^/\\^/g' <<<"$OLD")
newEscaped=$(sed 's/[\\&/]/\\&/g' <<<"$NEW")
sed -i "s/$oldEscaped/$newEscaped/" /home/scripts/nrpe.cfg
Your first problem was that you mistook $(...) for a string-quoting mechanism (it is not; it's used for command substitution (executing the enclosed command and replacing the construct with the command's output)).
To assign literal strings, simply use single quotes as above.
Your second problem was that you can't blindly pass strings to sed's s (string-substitution) command, because certain characters have special meaning to sed, so to use them literally they have to be escaped - the most obvious problem being the / instances in the strings, which get mistaken for the delimiters of the s/.../.../ command.
Therefore, 2 auxiliary sed commands are used to perform the requisite escaping:
sed 's/[^^]/[&]/g; s/\^/\\^/g' <<<"$OLD" escapes the old string so that none of its characters can be mistaken for the regex delimiter or special regular-expression characters.
sed 's/[\\&/]/\\&/g' <<<"$NEW" escapes the new string so that none of its characters can be mistaken for the regex delimiter or backreferences (such as &, or \1).
Finally, note that it's better not to use all-uppercase shell variable names such as $OLD, so as to avoid conflicts with environment variables.

sudo useradd wont make home directory

I have an automatic script which works, only it just never makes a home directory. The data is extracted from a database.
Heres the script:
$SQL -s -e "SELECT uid, password FROM registrations WHERE processed = 0" \
| while read A B; do
sudo useradd $A -p $B -m /home/
as you can see the -m is there, but it seems to ignore it and never make a home directory and I have no idea why. I must be missing something but i've no idea what
If you run man useradd you'll see that the -m does not expect a parameter.
Running it this way should do the trick (or at least it just did on my Debian Squeeze):
useradd $A -p $B -m
In the man pages you'll also find other useful options such as: -d or -b