how to only print Lua output with tshark - lua

I am using a Lua script with tshark and when I run it with -V I get the protocol decode output. When I try anything else to limit output to just the Lua decoded data I am not having any luck. i.e.
tshark -X lua_script:my.lua -r input.pcap.gz -w output.pcap -O "my lua protocol"
or
tshark -X lua_script:my.lua -r input.pcap.gz -w output.pcap -O "my lua protocol" -V
Even when I try -O udp -V I do not get the protocol output.
Any ideas?

Related

Filter a PCAP file using tshark : show ip source>ip destination:info in a txt file

I need a tshark command so I can create a txt file containing Ipsource>Ipdestination:Info in this order! I tried this command:
tshark -T fields -n -r "C:\Users\dell\Desktop\tracecomplete.pcap" -E separator=, -e ip.src -e ip.dst > "C:\Users\dell\Desktop\walima22.txt"
but I can't change the separator and show the info.
There are generally 2 solutions for printing specific column data, one using column-specifiers and the other using fields, similar to what you have.
Using column-specifiers:
Standard specifiers as described by tshark.exe -G column-formats:
tshark.exe -n -r "C:\Users\dell\Desktop\tracecomplete.pcap" -o "gui.column.format:\"Source\",\"%s\",\"Destination\",\"%d\",\"Info\",\"%i\""
... or using custom columns for those fields that are supported:
tshark.exe -n -r "C:\Users\dell\Desktop\tracecomplete.pcap" -o "gui.column.format:\"Source\",\"%Cus:ip.src\",\"Destination\",\"%Cus:ip.dst\",\"Info\",\"%i\""
Using Fields:
tshark.exe -n -r "C:\Users\dell\Desktop\tracecomplete.pcap" -T fields -E separator=, -e ip.src -e ip.dst -e _ws.col.Info
but I can't change the separator
You should be able to change it using the -E option. Refer to the tshark man page for more help with this option.
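An added example (not part of the original answer) that reshapes the `-T fields` output into the requested source>destination:info layout. It assumes the capture was exported with a tab separator (`-E separator=/t`), since the Info column often contains commas; `format_flows` and `sample_fields` are hypothetical names and the sample rows are constructed.

```sh
#!/bin/sh
# Added example: reshape `tshark -T fields` output into "src>dst:info" lines.
# Assumed producer command (tab separator, because Info often contains commas):
#   tshark -n -r trace.pcap -T fields -E separator=/t \
#          -e ip.src -e ip.dst -e _ws.col.Info

# format_flows (hypothetical name): reads tab-separated rows on stdin.
format_flows() {
    awk -F '\t' '
        # Frames without an IPv4 layer (ARP, IPv6, ...) have empty ip.* fields.
        $1 == "" || $2 == "" { next }
        {
            src = $1; dst = $2
            # ICMP errors embed a second IP header, so a field can hold
            # "outer,inner" (default aggregator is a comma). Keep the outer one;
            # -E occurrence=f on the tshark side has the same effect.
            sub(/,.*/, "", src); sub(/,.*/, "", dst)
            # Info is everything after the second tab, even if it has tabs.
            info = $3
            for (i = 4; i <= NF; i++) info = info "\t" $i
            printf "%s>%s:%s\n", src, dst, info
        }'
}

# sample_fields: constructed rows standing in for real tshark output.
sample_fields() {
    printf '192.0.2.10\t198.51.100.5\tGET /index.html HTTP/1.1\n'
    printf '\t\tWho has 192.0.2.1? Tell 192.0.2.10\n'
    printf '198.51.100.5,192.0.2.10\t192.0.2.10,198.51.100.5\tDestination unreachable (Port unreachable)\n'
    printf '192.0.2.10\t198.51.100.5\t51514 > 443 [SYN] Seq=0, Win=64240 Len=0\n'
}

sample_fields | format_flows
```

The ARP row is dropped because it has no IPv4 addresses, and the ICMP row keeps only the outer header's addresses.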

Filter specific API using Tshark

I run
tshark -i eth0 -f "port 80" -w example.pcap
to capture the HTTP traffic. And then I run tshark -r example.pcap -Y xml.tag to filter the xml. Is this the correct way of filtering the API (SOAP/REST)? Are there any other ways of doing it?

How to hide data displayed on the terminal while executing tshark?

I need to hide data that is displayed while executing tshark command line for wireshark:
tshark -i tun0 -T ek -w /home/PCAP_Folder/Sim_Run1st.pcap
I am running two programs simultaneously.
The following will send the output to /dev/null:
tshark -i tun0 -T ek -w /home/PCAP_Folder/Sim_Run1st.pcap > /dev/null
If you also want to hide any error message:
tshark -i tun0 -T ek -w /home/PCAP_Folder/Sim_Run1st.pcap &> /dev/null
Note that if you also hide the error messages, the -T ek option becomes pointless.

How to make portia spider run?

I can not send my spiders.
I use one of the following codes:
docker run -i -t --rm -v /home/raphael/Documents/entreprise/portia/portia-master/test:/app/data/projects:rw -v /home/raphael/Documents/entreprise/portia/res:/mnt:rw -p 9001:9001 scrapinghub/portia \
portiacrawl /app/data/projects/Oscaro www.oscaro.com -o /mnt/Oscaro.jl
docker run -i -t --rm -v /home/raphael/Documents/entreprise/portia/portia-master/test:/app/data/projects:rw -v /home/raphael/Documents/entreprise/portia/res:/mnt:rw -p 9001:9001 scrapinghub/portia \
portiacrawl /app/data/projects/Oscaro
The console returns:
+ action=portiacrawl
+ shift
+ '[' -z portiacrawl ']'
+ case $action in
+ exec portiacrawl /app/data/projects/Oscaro www.oscaro.com -o /mnt/Oscaro.jl
Usage: portiacrawl <project dir/project zip> [spider] [options]
Allow to easily run slybot spiders on console. If spider is not given, print a
list of available spiders inside the project
Options:
-h, --help show this help message and exit
--settings=SETTINGS Give specific settings module (must be on python path)
--logfile=LOGFILE Specify log file
-a NAME=VALUE Add spider arguments
-s NAME=VALUE Add extra scrapy settings
-o FILE, --output=FILE
dump scraped items into FILE (use - for stdout)
-t FORMAT, --output-format=FORMAT
format to use for dumping items with -o (default:
jsonlines)
-v, --verbose more verbose
However, this seems to be a good adaptation of the documentation code:
docker run -i -t --rm -v <PROJECTS_FOLDER>:/app/data/projects:rw -v <OUPUT_FOLDER>:/mnt:rw -p 9001:9001 scrapinghub/portia \
portiacrawl /app/data/projects/PROJECT_NAME SPIDER_NAME -o /mnt/SPIDER_NAME.jl
I am completely new to docker, portia and scrapy.
I have trouble identifying the source of the problem.
By the way, I did not understand the solution proposed here:
https://emu.one/scrapy/823487/how-do-i-start-running-portia-spider-how-to-do-it.html
I do not know if this solution concerns me since it does not seem to use docker.
I also have a question about the first part of the code. I would like to know what it does when I write:
-v /home/raphael/Documents/entreprise/portia/portia-master/test:/app/data/projects
I thank you in advance
It was necessary to put a relative path. :(
docker run -i -t --rm -v ~/Documents/entreprise/portia/portia-master/test:/app/data/projects:rw -v ~/Documents/entreprise/portia/res:/mnt:rw -p 9001:9001 scrapinghub/portia \
portiacrawl /app/data/projects/Oscaro www.oscaro.com -o /mnt/Oscaro.jl

Scripts for printer configuration mono / color - Windows 7

I've been working on this for some time and nearly got it working. Nearly....
I am creating a script under Win7 Ent that's adding 2 network printers (no printer server - just via IP address). For each printer I want it to create a colour and mono queue - so 4 printer queues in total.
Adding works fine with those commands:
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Operators_Color"
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Operators_MOno"
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Traders_Color"
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Traders_MOno"
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.116mono
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.116color
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.118mono
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.118color
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Operators_Color"
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Operators_MOno"
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Traders_Color"
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -d -p "XXX_Traders_MOno"
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.116mono
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.116color
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.118mono
cscript "C:\XXXXX\Scripts\Prnport.vbs" -d -r IP_XXX.XXX.XXX.118color
cscript "C:\XXXXX\Scripts\Prnport.vbs" -a -r IP_XXX.XXX.XXX.116mono -h XXX.XXX.XXX.116 -o raw -n 9100
cscript "C:\XXXXX\Scripts\Prnport.vbs" -a -r IP_XXX.XXX.XXX.116color -h XXX.XXX.XXX.116 -o raw -n 9100
cscript "C:\XXXXX\Scripts\Prnport.vbs" -a -r IP_XXX.XXX.XXX.118mono -h XXX.XXX.XXX.118 -o raw -n 9100
cscript "C:\XXXXX\Scripts\Prnport.vbs" -a -r IP_XXX.XXX.XXX.118color -h XXX.XXX.XXX.118 -o raw -n 9100
cscript "C:\XXXXX\Scripts\Prndrvr.vbs" -a -m "HP Universal Printing PCL 6" -i C:\XXXXX\Drivers\hpzius23.inf
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -a -p "XXX_Traders_Color" -m "HP Universal Printing PCL 6" -r IP_XXX.XXX.XXX.116color
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -a -p "XXX_Traders_MOno" -m "HP Universal Printing PCL 6" -r IP_XXX.XXX.XXX.116mono
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -a -p "XXX_Operators_Color" -m "HP Universal Printing PCL 6" -r IP_XXX.XXX.XXX.118color
cscript "C:\XXXXX\Scripts\Prnmngr.vbs" -a -p "XXX_Operators_MOno" -m "HP Universal Printing PCL 6" -r IP_XXX.XXX.XXX.118mono
I hit a wall when trying to set the queues with color / mono setting.
Tried two methods:
Via Powershell Set-PrintConfiguration command:
Set-PrintConfiguration -PrinterName "XXX_Traders_Color" -Color "1"
Set-PrintConfiguration -PrinterName "XXX_Traders_MOno" -Color "0"
Set-PrintConfiguration -PrinterName "XXX_Operators_Color" -Color "1"
Set-PrintConfiguration -PrinterName "XXX_Operators_MOno" -Color "0"
I'm getting below (guessing this is not a command present in Win 7 powershell):
The term 'Set-PrintConfiguration' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and
try again.
I tried using the RUNDLL32 PRINTUI.DLL,PrintUIEntry commands to
export printer configuration with changed mono / color setting (works fine)
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Ss /n "XXX_Operators_MOno" /a "c:\temp\Mirek1.dat" d g
import the file created above into new queue:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Sr /n "NewXXX_Operators_MOno" /a "c:\temp\Mirek1.dat"
But the second command doesn't seem to cause the queue to adjust mono / color setting that was exported in the first instance.
I wonder if anyone here has struggled with similar headache?
Any help much appreciated..
I got this to work by using the u switch (instead of d g). That exports "User DevMode":
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Ss /n "XXX_Operators_MOno" /a "c:\temp\Mirek1.dat" u
