tcpdump mailing list archives

tcpdump filtering query


From: "Andrew Gebhardt" <ajgebha () omnisig com>
Date: Tue, 15 Oct 2002 13:00:43 -0400

Hello,

I am sorry to bother members of this mailing list but I have a question
regarding the best way to filter certain fields out of standard tcpdump
output (ascii format).

Currently, I use the awk command to remove certain fields from the tcpdump
output file.  For example:

cat tcpdumpfile |
  awk -F. '{print $1"."$2"."$3"."$4"."$5,$6"."$7"."$8"."$9,$10}' |
  awk -F" " '{print $1,$2,$3,$5,$6,$7}' |
  awk -F: '{print $1$2}' > output

Is there a way to filter fields using an expression with the tcpdump
command?  Or is there a more efficient method of filtering fields out of the
tcpdump output than using awk?

Any comments would be greatly appreciated,

Andrew Gebhardt


-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
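
Added example (not part of the original post, and not tcpdump's own code): the three-stage pipeline quoted in the message above, collapsed into one awk pass that splits each address.port token at its last dot instead of counting dots across the whole line. It assumes the classic "time src.port > dst.port: flags ..." line layout; the function name tcpdump_fields and the sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post.
# Constructed sample lines in the "time src.port > dst.port: flags" layout
# (an assumption about the capture; the post does not show its input).
SAMPLE='1034701243.100001 192.168.1.10.1025 > 10.0.0.1.80: S 1000:1000(0) win 5840
1034701243.100450 10.0.0.1.80 > 192.168.1.10.1025: S 2000:2000(0) ack 1001 win 5792
1034701243.100900 client.example.net.1025 > 10.0.0.1.80: P 1:101(100) ack 1 win 5840
1034701243.101000 arp who-has 10.0.0.1 tell 192.168.1.10'

# Reads tcpdump text on stdin, prints: time src-addr src-port dst-addr dst-port flags
tcpdump_fields() {
  awk '
    # Split "addr.port" at the LAST dot so IPv4 addresses and hostnames both work.
    function hostport(tok,    n) {
      n = match(tok, /\.[^.]*$/)
      if (n == 0) { ADDR = tok; PORT = "-"; return }
      ADDR = substr(tok, 1, n - 1)
      PORT = substr(tok, n + 1)
    }
    $3 != ">" { next }    # not a "src > dst:" record (ARP, for example)
    {
      hostport($2); saddr = ADDR; sport = PORT
      dst = $4; sub(/:$/, "", dst)   # drop the colon that ends the destination
      hostport(dst)
      print $1, saddr, sport, ADDR, PORT, $5
    }
  '
}

printf '%s\n' "$SAMPLE" | tcpdump_fields
```

On numeric IPv4 lines this prints the same fields as the three-stage pipeline; the hostname line and the ARP line are inputs where fixed dot positions no longer line up.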