strange behaviour of strings command

Question

I am trying to capture mysql traffic and pass those traffic to strings command as follows:

tcpdump -i any -s 0 -l -w - dst port 3306 | strings

This is working as expected and printing all mysql queries like

select * from mytables
show databases

But when i am trying to redirect the output to a file, its not printing the output to /tmp/out file:

tcpdump -i any -s 0 -l -w - dst port 3306 | strings > /tmp/out

Can someone explain me the behaviour of above command and why it is not redirecting the output to file.

score 2 · Accepted Answer · edited Apr 13 '17 at 12:36

2

I got the solution:

Actually strings command is buffering. I disabled the buffering by using

stdbuf -i0 -o0 -e0 command

So after changing the whole command to the following, output started going to /tmp/final file.

tcpdump -i any -s 0 -l -w - dst port 3306 | stdbuf -i0 -o0 -e0 strings > /tmp/final

edited Apr 13 '17 at 12:36

Community

answered Jul 25 '13 at 09:06

pradeepchhetri

Note that you only need -o0, since you're only redirecting stdout (and -i0 doesn't do anything useful anyway). – Stéphane Chazelas Jul 29 '13 at 15:18

1 Answers1