3

I'm trying to run the tshark exe with a bunch of options and outputting to a fil (see below). However I'm really stuck on the correct syntax of the system() command to use.

I've had help on here previously and have since even gotten it working with a dos for loop, however this is beyond me. I've tried a variety of escape sequences and encapsulating the whole command in 2-3 quotes, as per other suggestions I've seen on SO.

The command is:

C:\Program Files\Wireshark\tshark.exe -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info > c:\test\output.csv

I've tried:

system("start C:\\Program\ Files\\Wireshark\\tshark.exe -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info > c:\\test\\tshark2.csv &");

system("\"start C:\\Program\ Files\\Wireshark\\tshark.exe -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info\" > c:\\test\\tshark2.csv &");

...amongst others.

If it weren't for the space in the dir I could be past this I think. Is it easier to change into the dir to run tshark? Also, the advice I've had up to now is to use "start" in system calls, if this is wrong please feel free to say.

Apologies for the questions but I only came into C++ recently and I'm still getting used to some things...

I should have added that I'm also trying to get this to run as a background job and for the rest of my script to continue while it runs.

Alan Birtles
  • 32,622
  • 4
  • 31
  • 60
dailygrind
  • 99
  • 1
  • 7
  • 1
    Only quote the file paths containing spaces, no? You're quoting `start` and the flags, too. What does this have to do with c++, anyway? – LogicStuff Nov 24 '15 at 19:20
  • 1
    What is your reason for using `start`? Also, why do you have a `&` at the end of the line? – Klitos Kyriacou Nov 24 '15 at 20:14
  • Hi @KlitosKyriacou, thanks for the reply. As per the comment below, I'd been told to use both in order to allow the command to run in the background? – dailygrind Nov 24 '15 at 20:23
  • 1
    @dailygrind The person who told you to use "&" got it confused with Unix/Linux. On Windows the "&" is actually a command separator (so you can put multiple commands on one line) and not a request to run in the background. If you want to run in the background you should use the `start` command, but not in the way you do here. I'll update my answer to explain it. – Klitos Kyriacou Nov 24 '15 at 20:30

5 Answers5

2

Everybody's answer is almost correct. Try this:

system("\"C:\\Program Files\\Wireshark\\tshark.exe\" -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info > c:\\test\\tshark2.csv");

In your question there is a '&' at the end of the line. This is used on Linux and other *nix systems to run a job in the background. On Windows, '&' is a command separator (allowing you to put multiple commands on the same line). To run in the background, you need to use the start command. However, if the first parameter of the start command is enclosed in quotes, the start command considers it to be the window title. The real command then becomes the second argument. So you should add a dummy argument in quotes before the actual one:

system("start \"\" cmd /c \"C:\\Program Files\\Wireshark\\tshark.exe\" -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info ^> c:\\test\\tshark2.csv");

Notice also that the redirection operator > needs to be escaped as ^> so that instead of redirecting the output of the start command (which is nothing) it redirects the output of the tshark command. The > needs to be interpreted by cmd.exe so the argument to start must be cmd.

The start command is only required if the program you want to run in the background is a console application(i.e. one that normally runs in a command prompt window). If it's a normal Windows application, then it will run concurrently with the application that launched it, so there's no need to use start.

Klitos Kyriacou
  • 10,634
  • 2
  • 38
  • 70
  • Thanks, this does indeed work much better with the removed "&" and window title fix. The only issue I'm seeing with the command is that it seems to ignore the args that come after the called exe. Do the args need to be inside the inner quotes? – dailygrind Nov 24 '15 at 20:47
  • I take the above back, the args seem fine but it's not outputting to file, only console – dailygrind Nov 24 '15 at 20:51
  • 1
    That got me puzzled, but now I think I know why it didn't work. It's the output of the `start` command that is being redirected, not the output of the tshark command. Try replacing `>` with `^>` - by escaping the redirection this way, you delay it so that the first command takes it literally and passes it as `>` to the tshark command. I'll edit my answer. – Klitos Kyriacou Nov 24 '15 at 22:01
  • Sorry, didn't seem to work. I put the escape in and now the window briefly flashes up before closing back down. No output file is created. Thanks for all of your help on this – dailygrind Nov 24 '15 at 22:35
  • 1
    I'm sorry it didn't work and I've run out of ideas now. – Klitos Kyriacou Nov 24 '15 at 23:14
  • 1
    One more idea: if you can use the Windows API instead of just standard C++, you might want to consider calling CreateProcess() instead of system(). CreateProcess gives you much more control over the child process, including running in the background (so you don't have to use the start command). It's more complicated to use, so look it up on Google and decide. – Klitos Kyriacou Nov 24 '15 at 23:28
  • 1
    Got it! Add `cmd /c` before the tshark filename. That's because the `>` needs to be interpreted by the command processor `cmd.exe`, otherwise tshark sees it as an ordinary parameter. – Klitos Kyriacou Nov 25 '15 at 10:53
  • 1
    Thanks! I found the same thing too last night and just came here to update the Q. – dailygrind Nov 25 '15 at 14:42
1

The correct string is:

"start \"\" \"C:\\Program Files\\Wireshark\\tshark.exe\" -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info > c:\\test\\tshark2.csv &"

(You need to put empty quoted string ("") as the first parameter, according to this Q/A.

Or, without start command:

"\"C:\\Program Files\\Wireshark\\tshark.exe\" -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info > c:\\test\\tshark2.csv &"

You only wrap paths containing spaces in " (escaped by \ in c++ => \"), spaces aren't, can't and needn't be escaped.

Community
  • 1
  • 1
LogicStuff
  • 19,397
  • 6
  • 54
  • 74
1
system("start \"C:\\Program Files\\Wireshark\\tshark.exe\" -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info > c:\\test\\tshark2.csv &");
Mariusz Lotko
  • 385
  • 3
  • 5
0

You don't need to give start inside system function call. Just give something like system(C:\Program\ Files\Wireshark\tshark.exe ...followed by arguments);

Ritesh
  • 1,809
  • 1
  • 14
  • 16
0

just do like this:

system("start ,\”C:\Program\ Files\Wireshark\tshark.exe -a duration:130 -i 3 -T fields -e frame.number -e frame.time -e _ws.col.Info > c:\test\tshark2.csv\" &");

vahed mafi
  • 84
  • 1
  • 8