Re: tcpdump filtering query

[Guy Harris <guy () netapp com>]

On Tue, Oct 15, 2002 at 01:00:43PM -0400, Andrew Gebhardt wrote:
> Is there a way to filter fields using an expression with the tcpdump
> command?

No - the only options that affect the fields tcpdump prints are:

        "-e", which controls whether the link-layer header is printed;

        "-v" which controls how verbose the packet description is.

> Or is there a more efficient method of filtering fields out of the
> tcpdump output than using awk?

Perl, or sed, or perhaps cut, might do it; whether they'd be more
efficient is another matter.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe