pgb has asked for the wisdom of the Perl Monks concerning the following question:

Greetings,
can somebody help me?
I am writing some perl scripts (ActivePerl 5.6.1 on a Win2K system) that perform tests on network devices. The basic structure of these scripts is : start (asynchronously) a tethereal capture, perform some operation on devices, stop the trace, analyze the trace.
I'm using the Win32::Process package but the kill method look unreliable (for small traffic the capture file is empty, it looks like tethereal or the underlying libpcap perform a sort of buffering and I don't know how to force a disk write). For longer traces I miss the latest packets and the last packet is almost always corrupted.
Tethereal autostop conditions don't look suitable: in general I cannot predict the running time of the script or the number of packet to capture.
A stop condition triggered by a capture filter would be very helpful, but as far as I know is not implemented yet.
I noticed that typing CTRL-C on the console where tethereal is running make it exit gracefully (but, alas, it's a manual operation).
Thank You

Replies are listed 'Best First'.
Re: Reliable tethereal capture
by Corion (Patriarch) on Mar 19, 2004 at 17:44 UTC

    You have two possible ways to go, as you already have libpcap installed:

    One would be to do all capturing in Perl using Net::PCap and Net::PCapUtils - but this means that you'll have to write your captured stream to disk yourself and if you use other programs to postprocess the data, this might be undesireable.

    The other way would be to find the console tethereal runs in, and send a CTRL-C to it. You have to find the console window, and finding the console window requires that you give it a unique window title (for example under Windows NT/2k/XP by launching the other process through a .cmd file which first sets the console window title). Then try SendKeys from the Win32::GuiTest package to send a ^C to it. That already might be enough, but possibly you have to send a "close-click" to the console window itself, and that is where it starts getting ugly :-)

[reply]
      Good! It does work!
      I performed some testing with your second solution and I found it absolutely reliable. Thanks a lot.
[reply]

Back to Seekers of Perl Wisdom