I need to capture just the traffic from one ip address in a network (in/out)
I use this command in linux : tshark -i 3 -f "host x.x.x.x" -w test.pcap
I capture all the traffic when i used that command without the -f "host x.x.x.x"
Could you help me?
Thanks in advance.
asked 16 May '13, 11:21
edited 16 May '13, 11:23
Most likely your packets are vlan tagged, could you try the filter
answered 16 May '13, 11:34