这里使用的华硕的路由器,tcpdump工具下载,这个是一个静态工具,下载即可用。
Index of /binary/tcpdump/ - KoolCenter 固件下载服务器
#! /bin/sh
USB=/mnt/sda4
CAPS_DIR=$USB
# 如果U盘空间不够,需要清理空间出来
clean_space() {
echo "start clean space"
file=`ls -t $CAPS_DIR/*.cap* | tail -1`
echo delete file: $file
rm -rf $file
}
# 检查U盘空间,如果不够,需要删除旧的cap文件
check_space(){
echo "start check space"
cursize=`df | grep mnt | awk '{print $4}'`
#minsize=30200000
min_size=2048000
count=0
while [ $cursize -lt $minsize -a $count -lt 5 ] ; do
echo check_space cur free size:$cursize
clean_space
count=$(($count+1))
cursize=`df | grep mnt | awk '{print $4}'`
done
if [ $cursize -lt $minsize ]; then
echo "space too small"
return 1
else
echo "space ok"
return 0
fi
}
# 检测是否插上了USB
check_usb(){
USB=`df | grep mnt | awk '{print $6}'`
CAPS_DIR=$USB
# USB可能为空,要先判断
if [[ -z $USB ]]; then
return 1
fi
echo start check $USB
if [ -d $USB ]; then
check_space
return $?
else
return 1
fi
}
last_time=0
curr_time=`date +%s`
# 如果没有检测到U盘,需要随机sleep一个时间,以让出CPU
randon_sleep() {
curr_time=`date +%s`
tx=`shuf -i 0-20 -n 1`
if [ $(($last_time + 10)) -gt $curr_time ]; then
echo less than 10 seconds, sleep 5
sleep 5
fi
echo randon sleep $tx
sleep $tx
}
# main入口函数
main_loop(){
while [ true ]; do
check_usb
if [ $? -ne 0 ]; then
echo "CHECK USB FAIL"
randon_sleep
else
echo CHECK USB OK
#tcpdump..........
/jffs/aimore/tcpdump -i any -C 20M -w $CAPS_DIR/`date +%Y%m%d%H%M%S`.cap
fi
last_time=`date +%s`
done
}
main_loop
更多推荐
路由器检测U盘,如果有则调用tcpdump,抓包文件到U盘
发布评论