saeid talaei
asked on
Single command of tcpdump that gives several standard txt output with specific size
Hi everyone, I would like to have the output of tcpdump in the standard structure, like below:
05:49:56.604899 00:00:00:00:00:02 > 00:00:00:00:00:03, ethertype IPv4 (0x0800), length 10202: 10.0.0.2.54880 > 10.0.0.3.5001: Flags [.], seq 3641977583:3641987719, ack 129899328, win 58, options [nop,nop,TS val 432623 ecr 432619], length 10136
05:49:56.604908 00:00:00:00:00:03 > 00:00:00:00:00:02, ethertype IPv4 (0x0800), length 66: 10.0.0.3.5001 > 10.0.0.2.54880: Flags [.], ack 10136, win 153, options [nop,nop,TS val 432623 ecr 432623], length 0
05:49:56.604900 00:00:00:00:00:02 > 00:00:00:00:00:03, ethertype IPv4 (0x0800), length 4410: 10.0.0.2.54880 > 10.0.0.3.5001: Flags [P.], seq 10136:14480, ack 1, win 58, options [nop,nop,TS val 432623 ecr 432619], length 4344
However, it is important for me that all this structured information is saved in 10 files with a size of 10 MB. I know that I have to use this command:
tcpdump -i h1-eth0 -w /tmp/trace.txt -W 10 -C 10 -K -n
However, the problem is that the output is not in the standard way. Can you please help me find a single command that gives me the standard output of tcpdump in 10 files with a size of 10 MB?
I read one site where the syntax is like this:
tcpdump -r old_file -w new_files -C 10
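Added example, not part of the original thread: `-w` always writes binary pcap whatever the file extension, and `-C`/`-W` rotate only those savefiles, so text output in 10 files of 10 MB has to be rotated outside tcpdump. The sketch below reads tcpdump's printed lines from a pipe and keeps a ring of size-capped text files. The script name, the function `rotate_lines` and the `/tmp/trace` prefix are hypothetical.

```python
"""Ring-rotate tcpdump's text output, mirroring -C 10 -W 10 for savefiles.

Usage (hypothetical script name):
    tcpdump -l -e -n -i h1-eth0 | python3 rotate_text.py /tmp/trace
"""
import sys

MB = 1_000_000  # tcpdump's -C counts in units of 1,000,000 bytes


def rotate_lines(lines, prefix, max_bytes=10 * MB, max_files=10):
    """Write byte lines to prefix0..prefix{max_files-1}, reusing the oldest.

    Lines are never split across files. Returns the paths written,
    in order of first use.
    """
    used = []
    index = 0
    out = None
    written = 0
    try:
        for line in lines:
            # Start a new file at the beginning, or when this line would
            # push a non-empty file past the size cap.
            if out is None or (written and written + len(line) > max_bytes):
                if out is not None:
                    out.close()
                    index = (index + 1) % max_files  # wrap: overwrite oldest
                path = f"{prefix}{index}"
                out = open(path, "wb")  # truncates a file from an earlier lap
                written = 0
                if path not in used:
                    used.append(path)
            out.write(line)
            written += len(line)
    finally:
        if out is not None:
            out.close()
    return used


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: tcpdump -l -e -n -i IFACE | rotate_text.py PREFIX")
    rotate_lines(sys.stdin.buffer, sys.argv[1])
```

`-l` makes tcpdump line-buffer its standard output so lines reach the pipe promptly, and `-e` prints the link-level header (the MAC addresses seen in the sample output above).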