rjmcmahon
/
fiwi_monitor
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve tshark error handling and packet counting 

- Add -q flag to suppress tshark summary output
- Handle exit code 1 (field availability issues) as non-fatal
- Better filter out tshark status messages from packet counting
- Improve packet line detection to exclude status messages

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Robert McMahon 2026-02-13 14:02:50 -08:00
parent 744bc35597
commit a50c03166c
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
test_monitor_tshark.sh
View File

@ -133,8 +133,11 @@ echo "Capturing packets for $DURATION seconds..."
# Run capture with timeout # Run capture with timeout
# Note: timeout returns 124 when it times out (expected), so we need to handle that # Note: timeout returns 124 when it times out (expected), so we need to handle that
# Also, wlan.ra/wlan.ta may not be available for all frame types, which can cause tshark to exit with code 1
# We'll capture both stdout and stderr, but continue even if tshark exits with an error
set +e # Temporarily disable exit on error set +e # Temporarily disable exit on error
CAPTURE_OUTPUT=$(timeout "$DURATION" tshark -i "$INTERFACE" -n -T fields \ # Use -q to suppress packet count output, and continue even if some fields are missing
CAPTURE_OUTPUT=$(timeout "$DURATION" tshark -q -i "$INTERFACE" -n -T fields \
-e frame.number \ -e frame.number \
-e frame.time \ -e frame.time \
-e wlan.ra \ -e wlan.ra \
@ -148,8 +151,9 @@ CAPTURE_EXIT_CODE=$?
set -e # Re-enable exit on error set -e # Re-enable exit on error
# Exit code 124 means timeout occurred (expected), 0 means command completed normally # Exit code 124 means timeout occurred (expected), 0 means command completed normally
# Exit code 1 might mean some fields weren't available for some frames, but we still got data
# Other exit codes indicate actual errors # Other exit codes indicate actual errors
if [ "$CAPTURE_EXIT_CODE" -ne 0 ] && [ "$CAPTURE_EXIT_CODE" -ne 124 ]; then if [ "$CAPTURE_EXIT_CODE" -ne 0 ] && [ "$CAPTURE_EXIT_CODE" -ne 124 ] && [ "$CAPTURE_EXIT_CODE" -ne 1 ]; then
echo "Warning: tshark exited with code $CAPTURE_EXIT_CODE" echo "Warning: tshark exited with code $CAPTURE_EXIT_CODE"
fi fi
@ -168,8 +172,9 @@ if [ -n "$WARNINGS" ]; then
fi fi
# Count total packets captured (lines starting with a number followed by tab) # Count total packets captured (lines starting with a number followed by tab)
# Filter out lines like "100 packets captured" which don't have tabs # Filter out tshark status messages like "100 packets captured" or "Capturing on..."
PACKET_LINES=$(echo "$CAPTURE_OUTPUT" | grep -E '^[0-9]+\t' || true) # Only count lines that look like actual packet data: number, tab, then more fields
PACKET_LINES=$(echo "$CAPTURE_OUTPUT" | grep -E '^[0-9]+\t' | grep -v -E '(packets captured|Capturing on|Running as)' || true)
FINAL_COUNT=$(echo "$PACKET_LINES" | wc -l || echo "0") FINAL_COUNT=$(echo "$PACKET_LINES" | wc -l || echo "0")
# Count packets with PLCP headers (radiotap present) # Count packets with PLCP headers (radiotap present)