tcpdump mailing list archives
Re: Sniffing ranges of ips
From: Jefferson Ogata <Jefferson.Ogata () noaa gov>
Date: Fri, 19 Nov 2004 13:57:35 -0500
Jefferson Ogata wrote:
MMatos wrote:I want to write a little program that analyses packets within a given ip range.My current problem is to set a filter that work with ip ranges.For example I want to dump all traffic that arrives to my box from ips 192.168.2.15 to 192.168.2.40 I could write all the ips in the range but that's not a good solution, so how can implement that filter correctly using the range?some kind of $tcpdump "src 192.168.2.15/40" :)Use the attached perl scripts, e.g.:tcpdump [options] `./genrange.pl 192.168.2.15 192.168.2.40 | ./aggregate.pl | ./iptcpdump.pl src`
Or you can do something more utilitarian, such as:tcpdump [options] '( ip[12:4] >= 0xc0a8020f ) and ( ip[12:4] <= 0xc0a80228 )'
-- Jefferson Ogata <Jefferson.Ogata () noaa gov> NOAA Computer Incident Response Team (N-CIRT) <ncirt () noaa gov> - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- Sniffing ranges of ips MMatos (Nov 18)
- Re: Sniffing ranges of ips Avelino Rego (Nov 18)
- Re: Sniffing ranges of ips Avelino Rego (Nov 18)
- Re: Sniffing ranges of ips Jefferson Ogata (Nov 19)
- Re: Sniffing ranges of ips Jefferson Ogata (Nov 19)
- Re: Sniffing ranges of ips Alexander Dupuy (Nov 19)
- Re: Sniffing ranges of ips Guy Harris (Nov 19)
- Re: Sniffing ranges of ips Alexander Dupuy (Nov 19)
- Re: Sniffing ranges of ips MMatos (Nov 19)
- Re: Sniffing ranges of ips MMatos (Nov 20)
- Re: Sniffing ranges of ips Jefferson Ogata (Nov 20)
- Re: Sniffing ranges of ips Miguel Matos (Nov 20)
- Re: Sniffing ranges of ips Jefferson Ogata (Nov 19)
- Re: Sniffing ranges of ips Avelino Rego (Nov 18)
- Re: Sniffing ranges of ips MMatos (Nov 19)
- Re: Sniffing ranges of ips Jefferson Ogata (Nov 19)
- Re: Sniffing ranges of ips Robert Lowe (Nov 19)