My apologies if this comes off as an overly newb question. I have been tasked by coworker to take a repository of pcaps and provide output from them in the form of...
I played around with piping tcpdump to grep for a while before figuring out that tshark might be far easier, and I've managed to get the output that I need with the exception of the source and destination ports.
The command that I've used is...
The output would be perfect if I could get it to display ports numbers beside each IP. I've been digging through the man pages with little luck so far. If anyone can recommend a solution, I would be most appreciative.
asked 25 Aug '11, 14:15
Simple: (assuming you're referring to TCP ports) try
answered 25 Aug '11, 14:56
Bill Meier ♦♦
edited 25 Aug '11, 14:57