Monday, September 23, 2024

Perl One-Liner to grab IP from TCPDUMP

for grabbing source IP addresses from TCPDUMP output:

cat filename | awk '{print $3}' | perl -ne '$ip = $1 if /^(\d+\.\d+\.\d+\.\d+).*$/; print "$ip\n"' | sort | uniq

or to grab dest addresses substitute the fifth element

cat filename | awk '{print $5}' | perl -ne '$ip = $1 if /^(\d+\.\d+\.\d+\.\d+).*$/; print "$ip\n"' | sort | uniq
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)