Mike, I believe the original request was looking at about 100 ips, and a scalable solution. I dont think 100 tcpdumps is either simple or scalable.
Adam. On Tue, 2003-06-24 at 10:12, [EMAIL PROTECTED] wrote: > G'day... > > Have you considered doing a: > > # tcpdump -i <interface> | grep 1.2.3.4 > 1.2.3.4.log & > # tcpdump -i <interface> | grep 2.3.4.5 > 2.3.4.5.log & > > Of course, you may wish to refine the grep regexp if you are getting > other stray lines in your log files. > > Never underestimate the power of the simple axioms that already exist. > :) > > Warmest regards > > Mike > --- > Michael S. E. Kraus > Network Administrator > Capital Holdings Group (NSW) Pty Ltd > p: (02) 9955 8000 > > > > Umar Goldeli > <[EMAIL PROTECTED]> > Sent by: > [EMAIL PROTECTED] > > 23/06/2003 08:01 PM > > To: > [EMAIL PROTECTED] > cc: > Subject: > [SLUG] Tcpdump - > multiple filters to > multiple files? > > > Howdy, > > How are we all? :) > > Here's an interesting question that I'm looking for a solution to - > quite > simply, is there a way to run tcpdump to capture different ip > addresses > and output them to different files without running multiple copies of > tcpdump? > > Specifically - something along these lines: > > * A single tcpdump process captures packets with source or dest IP: > 1.2.3.4 and outputs the results to 1.2.3.4.log whilst at the same time > doing the same for 2.3.4.5 and 2.3.4.5.log respectively. > > Ideally - this scales to the 100 mark or so.. and FAST. > > I'm pretty sure this can't be done with tcpdump/libpcap - but is there > another utility? > > If none exists - how hard would it be to code such a beast? Also - > could > it be coded portably so it could compile/run on Solaris etc? > > Looking forward to hearing your replies... > > Thanks in advance. :) > > Cheers, > Umar. > > -- > SLUG - Sydney Linux User's Group - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug > > > > > > ______________________________________________________________________ > -- > SLUG - Sydney Linux User's Group - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
