用于实时集成的数据包捕获
[英]packet capture for real time integration
问题描述
I need to capture packets and use the data for a real time integration.
我需要捕获数据包并将数据用于实时集成。
The packets flow between two legacy systems which provide no other means of accessing the data.数据包在两个遗留系统之间流动,不提供其他访问数据的方式。
This appears simple to do using tcpdump or tshark, but I am unable to find a streamlined way to get the data off the capture device (raspberry pi) and to the service that manages the integration.这似乎很容易使用 tcpdump 或 tshark 来完成,但我无法找到一种简化的方法来从捕获设备 (raspberry pi) 和管理集成的服务中获取数据。 As far as I can see from documentation, tcpdump and tshark only write to files or the console.据我从文档中看到的,tcpdump 和 tshark 只写入文件或控制台。
Ideally, the data in each packet would be sent from the capture device to a remote MQTT topic.理想情况下,每个数据包中的数据将从捕获设备发送到远程 MQTT 主题。 This would avoid the write and file parsing that are inherent to tcpdump/tshark.这将避免 tcpdump/tshark 固有的写入和文件解析。 I get that I can extract the data from a file, but I am looking to eliminate that step.我知道我可以从文件中提取数据,但我希望消除该步骤。 The packet traffic that will be captured is low volume (max one packet per second).将捕获的数据包流量很小(每秒最多一个数据包)。 Am I missing something that would do this easily?我错过了可以轻松做到这一点的东西吗?
1 个解决方案
解决方案1
0 2021-10-09 15:36:32
Tcpdump and wire/tshark both make use of the pcap (libpcap) library to do the actual packet capture and to process rules to decide which packets to keep. Tcpdump 和 wire/tshark 都使用 pcap (libpcap) 库来进行实际的数据包捕获和处理规则来决定保留哪些数据包。
Your best bet will be to write a small application that uses this and a MQTT client library to capture and forward the packets you want你最好的选择是编写一个使用这个和 MQTT 客户端库的小应用程序来捕获和转发你想要的数据包
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.