#!/bin/bash
# Author: Jerico Thomas
# Email: [email protected]
# Link: https://github.com/Throdne/EdgerouterWiresharkRemotePacketCapture
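# Stream a live tcpdump capture from a remote host into a local Wireshark
# instance over SSH.
#
# Usage: wiresharkedgerouter.sh -u USER -s SERVER -i INTERFACE [-p PORT] [-f FILTER]
#   -u  SSH login name on the remote host
#   -s  remote host name or address
#   -p  SSH port (default 22)
#   -i  remote interface handed to "tcpdump -i"
#   -f  optional tcpdump filter expression
#
# Environment:
#   WIRESHARK_BIN  path to the Wireshark binary; defaults to the macOS app
#                  bundle location.
#
# Exit status: 1 when an option is missing or invalid, 0 once Wireshark returns.

# Option values. The login is kept in a private name rather than USER: USER is
# normally an exported variable, so assigning to it would change the
# environment inherited by ssh and Wireshark.
ssh_user=""
server=""
port="22"
iface=""
filter=""
error=0
wireshark_bin="${WIRESHARK_BIN:-/Applications/Wireshark.app/Contents/MacOS/Wireshark}"

# Interface names are spliced into a command line that the remote shell
# parses, so only a conservative character set is accepted.
iface_re='^[A-Za-z0-9][A-Za-z0-9_.:@+-]*$'

# Get parameters
while getopts u:s:p:i:f: option; do
  case "${option}" in
    u) ssh_user=${OPTARG} ;;
    s) server=${OPTARG} ;;
    p) port=${OPTARG} ;;
    i) iface=${OPTARG} ;;
    f) filter=${OPTARG} ;;
    *) error=1 ;; # getopts has already printed its own diagnostic
  esac
done

# Check that the required parameters are set and well-formed.
if [ -z "$ssh_user" ]; then
  echo "ERROR: Please provide a USERNAME for the SSH connect with -u" >&2
  error=1
elif [[ "$ssh_user" == -* ]]; then
  # "$ssh_user@$server" is a single word; a leading '-' would make ssh read
  # the whole destination as an option.
  echo "ERROR: USERNAME must not start with '-'" >&2
  error=1
fi

if [ -z "$server" ]; then
  echo "ERROR: Please provide a SERVER for the SSH connect with -s" >&2
  error=1
elif [[ "$server" == -* ]]; then
  echo "ERROR: SERVER must not start with '-'" >&2
  error=1
fi

if [ -z "$port" ]; then
  echo "ERROR: Please provide a ssh PORT port to connect to server with -p" >&2
  error=1
elif ! [[ "$port" =~ ^[0-9]{1,5}$ ]] || ((10#$port < 1 || 10#$port > 65535)); then
  echo "ERROR: PORT must be a number between 1 and 65535" >&2
  error=1
fi

if [ -z "$iface" ]; then
  # The option letter is -i (see getopts above); the message used to say -e.
  echo "ERROR: Please provide an ETH port to monitor with -i" >&2
  error=1
elif ! [[ "$iface" =~ $iface_re ]]; then
  echo "ERROR: ETH port name contains unsupported characters" >&2
  error=1
fi

# Any failed check terminates the script with exit code 1.
if ((error)); then
  echo "Terminating..." >&2
  exit 1
fi

echo "Starting Wireshark..."

# Remote command, one array element per local word. The option order matches
# the original invocation: interface, filter, then -U -w - so packets are
# written unbuffered to stdout.
remote_cmd=(/usr/sbin/tcpdump -i "$iface")
if [ -n "$filter" ]; then
  echo "Filter rules: $filter"
  # Quoting here only stops local word splitting and glob expansion. ssh joins
  # the words with spaces and the remote login shell parses the result again,
  # so shell metacharacters in the filter are still evaluated on the remote
  # host. Treat -f as trusted operator input; do not feed it from another
  # program without validating it first.
  remote_cmd+=("$filter")
fi
remote_cmd+=(-U -w -)

# Host-key checking and authentication are left to the user's ssh
# configuration; nothing here relaxes them.
# NOTE(review): if the SSH session itself crosses the captured interface, the
# capture will contain its own transport traffic; excluding the SSH port in
# the filter is the usual way to avoid that. Confirm against your topology.
"$wireshark_bin" -k -i <(ssh -p "$port" "$ssh_user@$server" "${remote_cmd[@]}")
exit 0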