When I do something, I want to move it to the blog as quickly as possible; otherwise I look back at my own writing and cannot read it...
From memory plus some searching, this is a write-up of the process I went through when I started writing sh scripts.
First create a new .sh file; you can use vim.
On the first line of the file, write:
#!/bin/sh
This tells the system that the file is a script to be run with /bin/sh. It must be present.
After that, you can think of the file as a console: whatever commands you would type in the console, you can put here exactly as they are.
For example, create a directory:
cd ~/Downloads
mkdir Geronimo
You can also run other sh scripts from within an sh script:
sh pcapname.sh ~/Downloads/Geronimo
This command runs the pcapname script and passes in the path ~/Downloads/Geronimo as a parameter.
Inside pcapname.sh, $1 is the parameter that was passed in, i.e. ~/Downloads/Geronimo. If additional parameters are passed, they are $2, $3 and so on.
To operate on all the files in the $1 folder:
for var in "$1"/*
do
    echo "$var"
done
But here $var is the full path: ~/Downloads/Geronimo/filename
So when you need only the file name, you have to extract a substring.
filepath=${var%.*}
filename=${filepath##*/}
Here filepath is the string with the suffix (the last . and everything after it) removed, and filename is what is left after removing everything up to and including the last /.
String concatenation is done as follows:
tcpfile=$filepath/${filename}_TCP.txt
A variable is referenced by putting $ in front of its name, but so that the name is not confused with the text that follows it, braces are added around it: ${filename}.
For substring extraction and string concatenation in sh, you can refer to the reference here.
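An added example (not code from the original post) that wraps the expansions above in functions and goes beyond the post's case by handling paths with spaces, a dot in a directory name, files without a suffix, and an empty directory. The function names stem, out_path and list_pcaps and the sample paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: the post's ${var%.*}, ${var##*/} and ${name}_X expansions,
# hardened against awkward file names. All names here are hypothetical.

# stem PATH -> file name without directory and without its last suffix.
# The directory is stripped first, so a dot in a directory name
# (/caps/v1.2/trace) is never mistaken for the start of the suffix.
stem() {
    base=${1##*/}                             # drop everything up to the last /
    case $base in
        ?*.*) printf '%s\n' "${base%.*}" ;;   # has a suffix: drop it
        *)    printf '%s\n' "$base" ;;        # no suffix, or a dotfile: keep
    esac
}

# out_path OUTDIR PREFIX PCAP KIND -> OUTDIR/PREFIX_<stem>_KIND.txt
# Every expansion is quoted, so spaces in a path do not split it into words.
out_path() {
    printf '%s/%s_%s_%s.txt\n' "$1" "$2" "$(stem "$3")" "$4"
}

# list_pcaps DIR -> one .pcap path per line. Prints nothing for an empty
# directory, where the unmatched pattern DIR/*.pcap would stay literal.
list_pcaps() {
    for f in "$1"/*.pcap
    do
        [ -f "$f" ] || continue
        printf '%s\n' "$f"
    done
}

# Constructed sample paths (not from the post), including the awkward cases.
for p in '/in/WWW_52PK_com/cap 01.pcap' '/caps/v1.2/trace' '/in/a.b.pcap'
do
    out_path /out 52PK "$p" TCP
done
```

With the post's order of operations (suffix first, then directory), the second sample path would yield v1 instead of trace.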
Practical part:
I use tranalyzer to extract features from traffic flows, which generates _flows.txt files and _pl_iat.txt files, and on Linux I use a script with tawk to extract all the tcp features from the _flows.txt files.
My traffic is in the mei1 and mei2 folders. Each folder has 50 subfolders under it, containing 50 kinds of traffic, and there are 20 pcap files in each subfolder.
For each kind of traffic, the flows, pl_iat and tcp content is extracted into three folders. 50 .txt files are generated in each folder, where each .txt file contains the 20 pcap files of a subfolder.
I used three layers of .sh files that call one another: main.sh, pcapname.sh and extractor.sh.
main.sh
#!/bin/sh
mkdir /mnt/hgfs/mei/mei1/mei1
mkdir /mnt/hgfs/mei/mei1/mei1/flowsfiles
mkdir /mnt/hgfs/mei/mei1/mei1/tcpfiles
mkdir /mnt/hgfs/mei/mei1/mei1/pl_iatfiles
mkdir /mnt/hgfs/mei/mei2/mei2
mkdir /mnt/hgfs/mei/mei2/mei2/flowsfiles
mkdir /mnt/hgfs/mei/mei2/mei2/tcpfiles
mkdir /mnt/hgfs/mei/mei2/mei2/pl_iatfiles
sh pcapname.sh /mnt/hgfs/mei/mei1
sh pcapname.sh /mnt/hgfs/mei/mei2
This could actually be written as a loop, but I was in a hurry and used the clumsy way; there are not many lines anyway.
pcapname.sh
#!/bin/sh
# $1 is the parent directory of the directories that hold the .pcap files
# var is the directory that holds the .pcap files
# ${var#*ww_} removes the prefix; the result is passed to extractor.sh
for var in "$1"/*
do
    sh extractor.sh "$var" "${var#*ww_}" "$1/${1##*/}"
done
This is used to get the name of each subfolder. Each folder name has the form WWW_52PK_com, and I need to extract the keyword 52PK.
extractor.sh
#!/bin/sh
# $1 is the directory of the .pcap files (not including the ***.pcap file itself)
# $2 is the name of the directory of the .pcap files (with the prefix removed)
# $3 is the output directory that holds flowsfiles, tcpfiles and pl_iatfiles
# var is the path of one .pcap file
for var in "$1"/*
do
    filepath=${var%.*}
    filename=${filepath##*/}
    #cd ~/Downloads/tranalyzer2-0.8.2lm2/tranalyzer2-0.8.2/trunk/tranalyzer2/src/
    #./tranalyzer -r $var -w $filepath/
    #cd ~/Downloads/tranalyzer2-0.8.2lm2/tranalyzer2-0.8.2/trunk/scripts/tawk/
    flowsfile=$filepath/${filename}_flows.txt
    tcpfile=$filepath/${filename}_TCP.txt
    pl_iatfile=$filepath/${filename}_pl_iat.txt
    #./tawk 'tcp()' $flowsfile > $tcpfile
    #./tawk -t -H '{
    #    n = split($L2L3L4Pl_Iat,A,";");
    #    for(i=1;i<=n;i++){
    #        split(A[i],B,"_");
    #        printf "%f\t%d\t",B[2],B[1];
    #    }
    # Quoted so that a path containing spaces is passed to cp as one argument
    cp "$flowsfile" "$3/flowsfiles/${2}_${flowsfile##*/}"
    cp "$tcpfile" "$3/tcpfiles/${2}_${tcpfile##*/}"
    cp "$pl_iatfile" "$3/pl_iatfiles/${2}_${pl_iatfile##*/}"
done
The lines marked with # here are my functional code; they are kept mainly as a record.