Re: Trace conversion.

[Paul Berube <berube () cs ualberta ca>]

> i think this will accomplish what you want:
> # tcpdump -ln ip| awk '{print $1,",", $5}' | sed 's/\.[0-9]*:$//'

The output looks fantastic, nearly exactly the format I wanted!

One question, though.  I see "h.m.s:ms, a.b.c.d.x:", and I'm wondering 
what the 'x' is?  By the frequent occurences of 80, I'm guessing these are 
port numbers, but I'd like to be sure :)

> this won't work with icmp though...

That's fine, I'm only interested in IP traffic.


Thanks so much, you're terrific!

--Paul

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.