Andrew, if you want tcpdump to only print specific fields, you may want to take a look at ipsumdump.
http://www.icir.org/kohler/ipsumdump/ Regards. -Chema Andrew Gebhardt wrote: > > Hello, > > I am sorry you bother members of this mailing list but I have a question > regarding the best way to certain filter fields out of standard tcpdump > output (ascii format). > > Currently, I use the awk command to remove certain fields from the tcpdump > output file. For example: > > cat tcpdumpfile | awk -F. '{print > $1"."$2"."$3"."$4"."$5,$6"."$7"."$8"."$9,$10}' | awk -F" " '{print > $1,$2,$3,$5,$6,$7}' | awk -F: '{print $1$2}' > output > > Is there a way to filter fields using an expression with the tcpdump > command? Or is there a more efficient method of filtering fields out of the > tcpdump output than using awk? > > Any comments would be greatly appreciated, > > Andrew Gebhardt > > [EMAIL PROTECTED] > [EMAIL PROTECTED] > 65 Lakefront Drive > Hammonds Plains, Nova Scotia > B4B 1L4 > (902) 832-5421 > > - > This is the TCPDUMP workers list. It is archived at > http://www.tcpdump.org/lists/workers/index.html > To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
