Script don't works

kerogaz

kerogaz

printenv SHELL
/bin/sh

SCRIPT :
Code: 
#!/bin/sh


MONITOR_IP="10.44.1.1"

tcpdump -l -n -i  em1 any port 80 or port 443 |

grep "$MONITOR_IP" |
while read -r line
do
  if [[ "$line" == *"$MONITOR_IP"* ]]; then
    fi
done
Code: 
sudo *MONITOR_IP
Password:
sudo: MONITOR_IP: command not found
(em1 - network card)
 
Why grep the output for a specific IP when you can tell tcpdump(1) to only show the traffic from the IP address you're interested in?

Code: 
tcpdump -l -n -i  em1 host "$MONITOR_IP" and \(port 80 or port 443\)
 
Keep in mind that sudo(8) is used to not only change to root, but this also changes the environment, including the path. sudo /home/pal/MONITOR_IP
 
HOME=/root
export HOME
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:~/bin
export PATH
TERM=${TERM:-xterm}
export TERM
PAGER=less
export PAGER

# set ENV to a file invoked each time sh is started for interactive use.
ENV=$HOME/.shrc; export ENV

# Query terminal size; useful for serial lines.
if [ -x /usr/bin/resizewin ] ; then /usr/bin/resizewin -z ; fi

# Uncomment to display a random cookie on each login.
# if [ -x /usr/bin/fortune ] ; then /usr/bin/fortune -s ; fi

SirDice said:
Your user's shell is irrelevant in case you didn't know. The shebang line of the script explicitly states which shell to use.
Click to expand...
# .profile - Bourne Shell startup script for login shells
#
# see also sh(1), environ(7).
#

# These are normally set through /etc/login.conf. You may override them here
# if wanted.
# PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:$HOME/bin; export PATH

# Setting TERM is normally done through /etc/ttys. Do only override
# if you're sure that you'll never log in via telnet or xterm or a
# serial line.
# TERM=xterm; export TERM

EDITOR=vi; export EDITOR
PAGER=less; export PAGER
 
/etc/profile and/or ~/.profile are only executed when sh(1) is started as a login shell. I get it's difficult to understand how the invocation works but the shell can be started in 4 different ways. And each way behaves a little differently regarding /etc/profile, ~/.profile and ~/.shrc (or wherever ENV is pointing to).

Code: 
   Invocation
     If no arguments are present and if the standard input of the shell is
     connected to a terminal (or if the -i option is set), the shell is
     considered an interactive shell.  An interactive shell generally prompts
     before each command and handles programming and command errors
     differently (as described below).  When first starting, the shell
     inspects argument 0, and if it begins with a dash (‘-’), the shell is
     also considered a login shell.  This is normally done automatically by
     the system when the user first logs in.  A login shell first reads
     commands from the files /etc/profile and then .profile in a user's home
     directory, if they exist.  If the environment variable ENV is set on
     entry to a shell, or is set in the .profile of a login shell, the shell
     then subjects its value to parameter expansion and arithmetic expansion
     and reads commands from the named file.  Therefore, a user should place
     commands that are to be executed only at login time in the .profile file,
     and commands that are executed for every shell inside the ENV file.  The
     user can set the ENV variable to some file by placing the following line
     in the file .profile in the home directory, substituting for .shrc the
     filename desired:

           ENV=$HOME/.shrc; export ENV

     The first non-option argument specified on the command line will be
     treated as the name of a file from which to read commands (a shell
     script), and the remaining arguments are set as the positional parameters
     of the shell ($1, $2, etc.).  Otherwise, the shell reads commands from
     its standard input.

     Unlike older versions of sh the ENV script is only sourced on invocation
     of interactive shells.  This closes a well-known, and sometimes easily
     exploitable security hole related to poorly thought out ENV scripts.
 
Oh,
kerogaz said:
Code: 
sudo *MONITOR_IP
sudo: MONITOR_IP: command not found
Click to expand...
Why are you using a shell wildcard to execute it? Just use sudo ./MONITOR_IP

There are other issues with your script though, any port 80 or port 443 is an incorrect filter.

Code: 
dice@molly:~/temp % sudo ./test.sh
tcpdump: can't parse filter expression: syntax error
dice@molly:~/temp % cat test.sh
#!/bin/sh


MONITOR_IP="10.44.1.1"

tcpdump -l -n -i  em0 any port 80 or port 443 |

grep "$MONITOR_IP" |
while read -r line
do
  if [[ "$line" == *"$MONITOR_IP"* ]]; then
    fi
done
Had to change the interface, don't have an em1.
 
SirDice said:
/etc/profile and/or ~/.profile are only executed when sh(1) is started as a login shell. I get it's difficult to understand how the invocation works but the shell can be started in 4 different ways. And each way behaves a little differently regarding /etc/profile, ~/.profile and ~/.shrc (or wherever ENV is pointing to).

Code: 
   Invocation
     If no arguments are present and if the standard input of the shell is
     connected to a terminal (or if the -i option is set), the shell is
     considered an interactive shell.  An interactive shell generally prompts
     before each command and handles programming and command errors
     differently (as described below).  When first starting, the shell
     inspects argument 0, and if it begins with a dash (‘-’), the shell is
     also considered a login shell.  This is normally done automatically by
     the system when the user first logs in.  A login shell first reads
     commands from the files /etc/profile and then .profile in a user's home
     directory, if they exist.  If the environment variable ENV is set on
     entry to a shell, or is set in the .profile of a login shell, the shell
     then subjects its value to parameter expansion and arithmetic expansion
     and reads commands from the named file.  Therefore, a user should place
     commands that are to be executed only at login time in the .profile file,
     and commands that are executed for every shell inside the ENV file.  The
     user can set the ENV variable to some file by placing the following line
     in the file .profile in the home directory, substituting for .shrc the
     filename desired:

           ENV=$HOME/.shrc; export ENV

     The first non-option argument specified on the command line will be
     treated as the name of a file from which to read commands (a shell
     script), and the remaining arguments are set as the positional parameters
     of the shell ($1, $2, etc.).  Otherwise, the shell reads commands from
     its standard input.

     Unlike older versions of sh the ENV script is only sourced on invocation
     of interactive shells.  This closes a well-known, and sometimes easily
     exploitable security hole related to poorly thought out ENV scripts.
Click to expand...
Thanks, but I don't need such details, I want to know how to run the script. It won't even run, not just any script #!/bin/sh
 
This is happening on a system I installed in January of this year. On a system I installed in 2014 and have been consistently updating to 14.3 p5 since then, the scripts work and mс doesn't need to be launched as mс -u
 
SirDice said:
Oh,

Why are you using a shell wildcard to execute it? Just use sudo ./MONITOR_IP

There are other issues with your script though, any port 80 or port 443 is an incorrect filter.

Code: 
dice@molly:~/temp % sudo ./test.sh
tcpdump: can't parse filter expression: syntax error
dice@molly:~/temp % cat test.sh
#!/bin/sh


MONITOR_IP="10.44.1.1"

tcpdump -l -n -i  em0 any port 80 or port 443 |

grep "$MONITOR_IP" |
while read -r line
do
  if [[ "$line" == *"$MONITOR_IP"* ]]; then
    fi
done
Had to change the interface, don't have an em1.
Click to expand...
I tried without em1 first, but the script didn't work, and I added em1 because in the command line "tcpdump -l -n -i em1 " work.
 
Ehm, what does ls -l /bin/sh show?

You get a bit of an odd error if the shebang points to something that doesn't exist:
Code: 
dice@molly:~/temp % cat test.sh
#!/does/not/exist

echo "Hello world"
dice@molly:~/temp % ./test.sh
./test.sh: Command not found.
It's not ./test.sh that cannot be found, it's the interpreter from the shebang that's not found.
 
You must log in or register to reply here.
Back
Top