LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
Reload this Page Tcpdump raw output but grepping aswell
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
LinkBack Search this Thread
Old 07-23-2008, 07:31 PM   #1
synick
LQ Newbie
 
Registered: Jul 2008
Posts: 1

Rep: Reputation: 0
Tcpdump raw output but grepping aswell

Hi Guys,

I have had a hunt around the interweb to see if I can perform a tcpdump on an interface, grep based on certain ip's but also writing it as raw output:

Something like:

tcpdump -i eth0 -w tcpdump.cap | grep 10.0.0.1 | grep 10.0.0.2

But that doesn't work, I have also had a look through the man page and can't seem to spot any commands to grep with a -w.

Any help is greatly appreciated.

Regards.
 
Old 07-23-2008, 11:01 PM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Brisbane
Distribution: Centos 6.2, Centos 5.8
Posts: 11,740

Rep: Reputation: 905Reputation: 905Reputation: 905Reputation: 905Reputation: 905Reputation: 905Reputation: 905Reputation: 905
You need the tee cmd : http://www.ss64.com/bash/tee.html

/usr/sbin/tcpdump -i eth0 | tee tcpd.dmp |grep blah
 
Old 07-23-2008, 11:46 PM   #3
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,051
Blog Entries: 2

Rep: Reputation: 93
If you only want to capture packets for those hosts

tcpdump -i eth0 -w tcpdump.cap host 10.0.0.1 or host 10.0.0.2

That'll capture packets whose source or destination is either of those hosts.
 
  


Reply

Tags
grep, raw, tcpdump


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
puzzled by grepping on man output -- some strings found, others not tphyahoo Linux - Software 5 11-19-2006 01:17 PM
tcpdump output help asim_s2000 Linux - Networking 4 11-11-2004 08:30 AM
grepping last word of output rajatgarg Programming 3 11-25-2003 10:41 AM
tcpdump output hampel Linux - Security 9 07-18-2003 12:53 AM
grepping for multi-line output born4linux Programming 1 03-07-2003 02:26 AM


All times are GMT -5. The time now is 11:13 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration