具有同步功能的 shell 脚本

发布于 2025-01-05 01:27:08 字数 115 浏览 5 评论 0原文

我必须编写一个脚本,在我的计算机和远程计算机上“同时”获取 tcpdump。也就是说,捕获的开始(第 0 秒)应该是同时的,以便我可以在分析中比较两个 tcpdump。

有什么方法可以实现这个目标吗?

I have to write a script where I take a tcpdump on my machine and on a remote machine "simultaneously". That is the beginning of capture (0th second) should be simultaneous, so that I can compare the two tcpdumps in my analysis.

Is there a way I can achieve this?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

大姐,你呐 2025-01-12 01:27:08

如果您只需要大概的时间(例如,误差幅度在 200 毫秒范围内),那么只需确保两台机器具有相同的时间(例如,通过 NTP),然后使用例如 cron 同时运行这两个命令。

如果您希望更频繁地执行此操作,则可能需要使用 at 命令cron。您可以做一些简单的日期算术,例如,请参阅:

或睡眠直到指定时间:

两个脚本(即本地和远程),然后运行本地命令并使用ssh在远程计算机上运行命令。

如果您可以使用例如Python,则可以使用datetime模块,例如参见:

这个想法几乎是这样的:

  • 获取当前时间
  • 计算目标时间 - 添加一些缓冲秒(例如 10 秒)
  • 运行两个脚本与那个时间作为参数(一个是本地的,一个是使用 ssh 远程的)
  • 在两个脚本中都休眠直到该时间 - 如果您无法在 10 秒内使用 ssh,或者如果需要超过 10 秒,则情况更糟运行本地脚本需要 10 秒,你遇到的问题比这个更严重:)
  • 在两个脚本中运行 tcpdump - 它们应该几乎同步(有一定的容忍度,但我认为不会最近的任何时间都超过 50 毫秒系统)

希望这有帮助。

If you just need approximate time (e.g. with a margin of error in range of, say, 200ms), then just make sure both machines have the same time (e.g. via NTP) and then use e.g. cron to run both commands at the same time.

If you want this to be more often, you might want to use at command instead of cron. You can do some simple date arithmetics, e.g. see this:

or sleep until the specified time:

in both scripts (i.e. local and remote), then run the local command and run the command on the remote machine using ssh.

If you are OK to use e.g. Python, you can make the use of datetime module, e.g. see this:

The idea is pretty much this:

  • Take current time
  • Calculate target time - add some cushion seconds (e.g. 10 seconds)
  • Run both scripts with that time as the parameter (one locally, one remotely with ssh)
  • Sleep until that time in both scripts - if you cannot ssh in 10 seconds or even worse if it takes more than 10 seconds to run local script, you have more serious problems than this one :)
  • Run tcpdump in both scripts - they should be pretty much synced up (with some tolerance, but I don't think it will ever go over 50ms on any recent system)

Hope this helps.

無心 2025-01-12 01:27:08

这是我刚刚写的用于同步多个测试客户端的内容:

#!/usr/bin/python
import time
import sys

now = time.time()
mod = float(sys.argv[1])
until = now - now % mod + mod
print "sleeping until", until

while True:
    delta = until - time.time()
    if delta <= 0:
        print "done sleeping ", time.time()
        break
    time.sleep(delta / 2)

该脚本会休眠直到下一个“舍入”或“锐利”时间。

一个简单的用例是运行 ./sleep.py 10; ./test_client1.py 在一个终端和 ./sleep.py 10; ./test_client2.py 在另一个。

您需要确保机器上的时钟同步。

或者,在 tcpdump 中使用这些选项之一,使用为您提供完整时间戳的选项。

-t
Don't print a timestamp on each dump line.
-tt
Print an unformatted timestamp on each dump line.
-ttt
Print a delta (micro-second resolution) between current and previous line on each dump line.
-tttt
Print a timestamp in default format proceeded by date on each dump line.
-ttttt
Print a delta (micro-second resolution) between current and first line on each dump line.

最后,您可以运行类似 execnet 的命令来(几乎)同时在多台计算机上启动命令。

Here's something I wrote just now to synchronise multiple test clients:

#!/usr/bin/python
import time
import sys

now = time.time()
mod = float(sys.argv[1])
until = now - now % mod + mod
print "sleeping until", until

while True:
    delta = until - time.time()
    if delta <= 0:
        print "done sleeping ", time.time()
        break
    time.sleep(delta / 2)

This script sleeps until next "rounded" or "sharp" time.

A simple use case is to run ./sleep.py 10; ./test_client1.py in one terminal and ./sleep.py 10; ./test_client2.py in another.

You want to make sure clocks on your machines are synchronised.

Alternatively, use one of these options in tcpdump, use something that gives you full timestamp.

-t
Don't print a timestamp on each dump line.
-tt
Print an unformatted timestamp on each dump line.
-ttt
Print a delta (micro-second resolution) between current and previous line on each dump line.
-tttt
Print a timestamp in default format proceeded by date on each dump line.
-ttttt
Print a delta (micro-second resolution) between current and first line on each dump line.

Finally you could run something like execnet to start commands on multiple machines at (almost) the same time.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文