On Friday January 23 2009 08:07, you wrote:
>I am sure it's got something to do with the way I am quoting but it's
>not making a lot of sense at this point.
>
>Here is the actual command I am trying to run and it's error
>output.
>
>spider:/var/logtransfer/dc-fw1# find . -name pflog.*.gz -exec zcat {}
> | tcpdump -entttv -r - \;
>find: -exec: no terminating ";"
>tcpdump: fread: Invalid argument
You're right, the problem is quoting. The shell interprets everything
after the pipe character ("|") as a separate command, so find never
receives the semi-colon.
For something this simple, i'd suggest moving the pipe outside of the
find command:
find . -name pflog.*.gz -exec zcat {} \; | tcpdump -entttv -r -
For more complicated situations, you can use a structure more like this:
find . -name pflog.*.gz -print0 | while read -d $'\0' file ; do \
echo "Now processing ${file}" \
zcat $file | tcpdump -entttv -r - \
done
For your particular situation, not using a find at all might work:
gunzip -c pflog.*.gz | tcpdump -entttv -r -
That could fail if "pflog.*.gz" expands to so many files that it
overflows the maximum command length, but otherwise should work the
same.
------------------------------------------------------------------------
Dan Ramaley Dial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540 Des Moines IA 50311 USA
