akamilkhan/recordpcap.sh

## recordpcap.sh
#!/bin/bash
# manually join security feeds
TIMEOUT=24h
IFACE=$1
while read p; do
   python udp_sub.py $p $IFACE > /dev/null &
done <<EOF
224.0.31.2 14311
224.0.31.44 14311
224.0.31.23 14311
EOF

sudo timeout $TIMEOUT tcpdump -i $IFACE -n "udp and (host 224.0.31.2 or host 224.0.31.44 or host 224.0.31.23)" -B 16384 -w ch311-24h.pcap

sleep 5
for child in $(jobs -p); do
   kill $child
done
wait $(jobs -p)

## udpsub.py
#!/usr/bin/env python
'''
USAGE: %s <server_ip> <server_port> <interface>
'''
import time
import struct
import socket
import fcntl

import sys
from sys import argv


def recv(port=15310, addr="224.0.32.1", listen="10.0.0.13", buf_size=1024):
    """recv([port[, addr[,buf_size]]]) - waits for a datagram and returns the data."""

    # Create the socket
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

    # Set some options to make it multicast-friendly
    #s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    try:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
    except AttributeError:
        pass  # Some systems don't support SO_REUSEPORT
    s.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_TTL, 20)
    s.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_LOOP, 1)

    # Bind to the port
    s.bind(('', port))

    # Set some more multicast options
    s.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_IF,
                 socket.inet_aton(listen))
    s.setsockopt(socket.SOL_IP, socket.IP_ADD_MEMBERSHIP,
                 socket.inet_aton(addr) + socket.inet_aton(listen))
    while(1):
        data, sender_addr = s.recvfrom(buf_size)
        print("Addr: ", sender_addr)


def get_ip_address(ifname):
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    return socket.inet_ntoa(fcntl.ioctl(
        s.fileno(),
        0x8915,  # SIOCGIFADDR
        struct.pack('256s', ifname[:15])
    )[20:24])


if __name__ == '__main__':
    if len(argv) != 4:
        print(__doc__ % argv[0])
    else:
        recv(int(argv[2]), argv[1], get_ip_address(argv[3]))
	#!/bin/bash
	# manually join security feeds
	TIMEOUT=24h
	IFACE=$1
	while read p; do
	python udp_sub.py $p $IFACE > /dev/null &
	done <<EOF
	224.0.31.2 14311
	224.0.31.44 14311
	224.0.31.23 14311
	EOF

	sudo timeout $TIMEOUT tcpdump -i $IFACE -n "udp and (host 224.0.31.2 or host 224.0.31.44 or host 224.0.31.23)" -B 16384 -w ch311-24h.pcap

	sleep 5
	for child in $(jobs -p); do
	kill $child
	done
	wait $(jobs -p)
	#!/usr/bin/env python
	'''
	USAGE: %s <server_ip> <server_port> <interface>
	'''
	import time
	import struct
	import socket
	import fcntl

	import sys
	from sys import argv


	def recv(port=15310, addr="224.0.32.1", listen="10.0.0.13", buf_size=1024):
	"""recv([port[, addr[,buf_size]]]) - waits for a datagram and returns the data."""

	# Create the socket
	s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)

	# Set some options to make it multicast-friendly
	#s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
	try:
	s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
	except AttributeError:
	pass # Some systems don't support SO_REUSEPORT
	s.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_TTL, 20)
	s.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_LOOP, 1)

	# Bind to the port
	s.bind(('', port))

	# Set some more multicast options
	s.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_IF,
	socket.inet_aton(listen))
	s.setsockopt(socket.SOL_IP, socket.IP_ADD_MEMBERSHIP,
	socket.inet_aton(addr) + socket.inet_aton(listen))
	while(1):
	data, sender_addr = s.recvfrom(buf_size)
	print("Addr: ", sender_addr)


	def get_ip_address(ifname):
	s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
	return socket.inet_ntoa(fcntl.ioctl(
	s.fileno(),
	0x8915, # SIOCGIFADDR
	struct.pack('256s', ifname[:15])
	)[20:24])


	if __name__ == '__main__':
	if len(argv) != 4:
	print(__doc__ % argv[0])
	else:
	recv(int(argv[2]), argv[1], get_ip_address(argv[3]))