Tcpdump raw output but grepping aswell
I have had a hunt around the interweb to see if I can perform a tcpdump on an interface, grep based on certain ip's but also writing it as raw output:
tcpdump -i eth0 -w tcpdump.cap | grep 10.0.0.1 | grep 10.0.0.2
But that doesn't work, I have also had a look through the man page and can't seem to spot any commands to grep with a -w.
Any help is greatly appreciated.