rjmcmahon
/
fiwi_monitor
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix packet parsing regression: use flexible grep pattern 

- Change grep pattern from '^[0-9]+\t' (requires tab) to '^[0-9]+' (matches working test capture)
- Add -q flag back to suppress packet count output
- Filter out empty lines and whitespace-only lines
- Fix debug section to use temp file before deletion

This fixes the regression where only 1 packet was parsed despite the pcap
file containing 216 packets. The tab requirement in the grep pattern was
too strict and didn't match tshark's actual output format.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Robert McMahon 2026-02-13 14:52:41 -08:00
parent 8c9487984a
commit 7e9006a69b
1 changed files with 48 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
test_monitor_tshark.sh
View File

@ -198,6 +198,17 @@ fi
# Include PHY rate and MCS for histograms # Include PHY rate and MCS for histograms
# Extract to temp file first to avoid pipe issues, then filter # Extract to temp file first to avoid pipe issues, then filter
TEMP_TSHARK_OUTPUT=$(mktemp /tmp/tshark_output_XXXXXX.txt) TEMP_TSHARK_OUTPUT=$(mktemp /tmp/tshark_output_XXXXXX.txt)
# First, verify we can read the pcap with a simple field extraction
SIMPLE_TEST=$(tshark -r "$TEMP_PCAP" -n -T fields -e frame.number 2>/dev/null | head -5 || true)
if [ -z "$SIMPLE_TEST" ]; then
echo "Warning: Could not read frame.number from pcap file"
echo " This may indicate a corrupted pcap or unsupported format"
echo ""
fi
# Extract all fields (suppress stderr to avoid "Some fields aren't valid" messages)
# Use -q flag to suppress packet count output that interferes with parsing
tshark -q -r "$TEMP_PCAP" -n -T fields \ tshark -q -r "$TEMP_PCAP" -n -T fields \
-e frame.number \ -e frame.number \
-e frame.time \ -e frame.time \
@ -216,9 +227,44 @@ tshark -q -r "$TEMP_PCAP" -n -T fields \
-e wlan_radio.mcs.index \ -e wlan_radio.mcs.index \
2>/dev/null > "$TEMP_TSHARK_OUTPUT" || true 2>/dev/null > "$TEMP_TSHARK_OUTPUT" || true
# Debug: Check what we actually got
TEMP_LINE_COUNT=$(wc -l < "$TEMP_TSHARK_OUTPUT" 2>/dev/null || echo "0")
if [ "$TEMP_LINE_COUNT" -eq 0 ]; then
echo "Warning: tshark field extraction produced no output"
echo " This may indicate an issue with the pcap file or field extraction"
echo " Try: tshark -r $TEMP_PCAP -T fields -e frame.number | head -5"
echo ""
fi
# Filter out non-packet lines (keep only lines starting with frame numbers) # Filter out non-packet lines (keep only lines starting with frame numbers)
CAPTURE_OUTPUT=$(grep -E '^[0-9]+\t' "$TEMP_TSHARK_OUTPUT" || true) # Use the same approach as test capture: grep for lines starting with numbers, exclude status messages
rm -f "$TEMP_TSHARK_OUTPUT" # Filter out empty lines and lines that are just whitespace
CAPTURE_OUTPUT=$(grep -E '^[0-9]+' "$TEMP_TSHARK_OUTPUT" 2>/dev/null | grep -v -E '^[[:space:]]*$' | grep -v -E '(packets captured|Capturing on|Running as|tshark:)' || true)
# Verify we got output before deleting temp file
if [ -z "$CAPTURE_OUTPUT" ] || [ "$(echo "$CAPTURE_OUTPUT" | wc -l)" -eq 0 ]; then
# If still empty but file has content, show debug info
if [ "$TEMP_LINE_COUNT" -gt 0 ]; then
echo "Warning: tshark output has $TEMP_LINE_COUNT lines but no valid packet data found"
if [ -n "$KEEP_PCAP" ]; then
echo " First 5 lines of raw output:"
head -5 "$TEMP_TSHARK_OUTPUT" | sed 's/\t/<TAB>/g' | head -5
echo ""
echo " Last 5 lines of raw output:"
tail -5 "$TEMP_TSHARK_OUTPUT" | sed 's/\t/<TAB>/g' | tail -5
echo ""
fi
fi
fi
# Clean up temp file (keep for debugging if KEEP_PCAP is set)
if [ -z "$KEEP_PCAP" ]; then
rm -f "$TEMP_TSHARK_OUTPUT"
else
echo "Debug: Keeping tshark output file: $TEMP_TSHARK_OUTPUT"
echo " (Use: cat $TEMP_TSHARK_OUTPUT | head -20 to inspect)"
echo ""
fi
# Clean up temp file (unless KEEP_PCAP is set) # Clean up temp file (unless KEEP_PCAP is set)
if [ -z "$KEEP_PCAP" ]; then if [ -z "$KEEP_PCAP" ]; then