
I am trying to automate fetching network logs from an Android device to a Windows system. For that purpose I need to send multiple commands. I am able to club most of them, but now I got stuck where I have to stop the tcpdump process and copy the capture file from the device using adb pull.

I am using this command to start tcpdump:

```
adb shell su -c ./data/tcpdump -i any -s 0 -w /sdcard/Download/tcpdump.pcap
```

Manually running the above command works fine, so I assume the following python code is also good:

```python
self._proc3 = Popen(shlex.split(cmd), stdout=PIPE, stderr=PIPE)
```

For stopping the process, I have tried multiple approaches like:

Sending Ctrl-C, \x03\n, all in Popen. Also, killing the subprocess using taskkill. However, nothing works. The capture file is not getting created. I don't know whether this is due to some Windows limitation or I am doing something wrong.

Chirag Dhyani
  • Please make meaningful titles for your questions. In your post you reasonably described a problem with not being able to properly stop the `tcpdump` capture process - but the title did not make any sense. – Alex P. Jul 14 '16 at 08:09
  • also https://stackoverflow.com/a/15622698/1778421 – Alex P. Jul 04 '18 at 15:59

1 Answer


You need to send the SIGINT signal to the tcpdump process.

Depending on the busybox/toolbox/toybox versions available, the following would make all running tcpdump instances stop capturing and dump the log:

```
adb shell su -c killall -q -2 tcpdump
```
Alex P.
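The start, stop and pull sequence from the question and the answer, put together as an added Python example that is not part of either post. The `capture` function and its injectable `popen`/`run`/`sleep` parameters are assumptions of this sketch; the adb commands and the capture path are the ones quoted above.

```python
import subprocess
import time

# Commands exactly as quoted in the question and the answer, split into argv lists.
REMOTE_PCAP = "/sdcard/Download/tcpdump.pcap"
START = ["adb", "shell", "su", "-c", "./data/tcpdump",
         "-i", "any", "-s", "0", "-w", REMOTE_PCAP]
STOP = ["adb", "shell", "su", "-c", "killall", "-q", "-2", "tcpdump"]


def capture(seconds, local_path,
            popen=subprocess.Popen, run=subprocess.run, sleep=time.sleep):
    """Capture for `seconds`, send SIGINT to tcpdump on the device, pull the pcap.

    popen/run/sleep are injectable (an assumption of this example) so the
    sequence can be exercised without a device attached.
    """
    # DEVNULL instead of PIPE: nothing here reads the output, and an unread
    # pipe can fill up and block the child.
    proc = popen(START, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    try:
        sleep(seconds)
    finally:
        # Signal tcpdump on the device, as the answer does. Terminating the
        # local adb client is what the question reports as not working.
        run(STOP, check=False)
        try:
            proc.wait(timeout=10)   # adb shell returns once tcpdump exits
        except subprocess.TimeoutExpired:
            proc.kill()             # last resort so the script does not hang
            proc.wait()
    # Pull only after tcpdump has been told to stop and write out the file.
    run(["adb", "pull", REMOTE_PCAP, local_path], check=True)
    return local_path


if __name__ == "__main__":
    print(capture(30, "tcpdump.pcap"))
```

Because the stop command is a separate `adb` invocation, it does not depend on how Windows delivers Ctrl-C to the `Popen` child.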