how to read pcap file, filter by ip address and port then write data to another file

pcap tcpdump
18,081

tcpdump takes a filter predicate, meaning it expects a logic expression with a boolean value once executed on a packet.

Here, it returns a syntax error because you're missing a logical and:

tcpdump -r tcpdumpep1.pcap -w output.txt host 184.107.41.72 and port 80
Share:
18,081
CyberNewbie
Author by

CyberNewbie

Updated on June 08, 2022

Comments

  • CyberNewbie
    CyberNewbie almost 2 years

    As part of a lab exercise that I am doing, I have been asked; using tcpdump read the packets from tcpdumpep1.pcap and filter packets from IP address 184.107.41.72 and port 80. Write these packets to a new file

    I tried the following, but I'm getting a syntax error:

    $ tcpdump -r tcpdumpep1.pcap -w output.txt host 184.107.41.72 port 80
reading from file tcpdumpep1.pcap, link-type EN10MB (Ethernet)
tcpdump: syntax error in filter expression: syntax error
  • CyberNewbie
    CyberNewbie almost 6 years
    tcpdump -r tcpdumpep1.pcap && host 184.107.41.72 and port 80 -w output.txt ??
  • pchaigno
    pchaigno almost 6 years
    No, just the command I provided, with the and should suffice.
  • CyberNewbie
    CyberNewbie almost 6 years
    Thank you, sir. So I wasn't a million miles off the correct answer. Thank you for your time.
  • pchaigno
    pchaigno almost 6 years
    Glad I could help! Do you want me to change anything to accept the answer?
  • CyberNewbie
    CyberNewbie almost 6 years
    No thats it all sorted. Thanks again.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

TCP Server sends [ACK] followed by [PSH,ACK]
Parsing pcap taken from wireshark file using - Java
"tail -f" using "tcpdump -r"
Snort finding the alert file DATA with snort.logs.xxxxxxx
What's all this deploy.akamaitechnologies.com traffic?
How to use tshark or tcpdump to calculate bytes transmitted
Extracting SSL certificates from the network or pcap files
How would a PCAP filter look like to capture all DHCP related traffic?
tcpdump filter for tcp zero window messages
Packet captures: filtering on RX vs TX