Tshark不是通过subprocess.Popen执行的

Question

我尝试在python中执行tshark，如下所示：

class ARPSniffer:
    def testTshark(self, iface):
        print("Testing if tshark works. Using {}".format(iface))

        cmd = "tshark -i " + iface
        args = shlex.split(cmd)
        tshark = subprocess.Popen(args, stdout=PIPE)
        for line in io.TextIOWrapper(tshark.stdout, encoding="utf-8"):
            print(line)

    def run(self, iface):
        try:
            t = Thread(target=self.testTshark, args=(iface, ))
            t.daemon = True
            t.start()
            t.join
        except KeyboardInterrupt:
            print("\nExiting ARP monitor...")
            sys.exit(0)

if __name__ == '__main__':
    iface = 'wlan1'
    arps = ARPSniffer()
    arps.run(iface)

它会打印“测试tshark是否工作。使用wlan1”，但tshark无法启动。我使用top进行了检查，没有任何进程在运行。我做错了什么？我正在使用sudo运行它。

谢谢你们所有人。

Answer 1

正如@Rawing在评论中指出的那样，t.join上有一个拼写错误。如果您想立即看到输出数据包，还应该使用tshark的-l选项。否则tshark会缓冲它们。

import subprocess
from threading import Thread
import shlex
import sys
import io

class ARPSniffer:
    def testTshark(self, iface):
        print("Testing if tshark works. Using {}".format(iface))

        cmd = "tshark -l -i " + iface
        args = shlex.split(cmd)
        tshark = subprocess.Popen(args, stdout=subprocess.PIPE)
        for line in io.TextIOWrapper(tshark.stdout, encoding="utf-8"):
            print("test: %s" % line.rstrip())

    def run(self, iface):
        try:
            t = Thread(target=self.testTshark, args=(iface, ))
            t.daemon = True
            t.start()
            t.join()
        except KeyboardInterrupt:
            print("\nExiting ARP monitor...")
            sys.exit(0)

if __name__ == '__main__':
    iface = 'wlan1'
    arps = ARPSniffer()
    arps.run(iface)

上面的代码适用于Python 3：

$ python3 tmp.py 
Testing if tshark works. Using wlan1
Capturing on 'wlan1'
3 test:     1 0.000000000 192.30.253.124 → 192.168.1.14 TLSv1.2 97 Application Data
test:     2 0.000264000 192.168.1.14 → 192.30.253.124 TLSv1.2 101 Application Data
test:     3 0.097729614 192.30.253.124 → 192.168.1.14 TCP 66 443 → 37756 [ACK] Seq=32 Ack=36 Win=38 Len=0 TSval=722975562 TSecr=2649326593