Hi all , I am looking for a command that i can use to filter a particular IP . For example I just want to get info about 10.82.23.343 and store in file hello.cap , how will I go about doing that from command line [linux] ? FYI I have used the commands tshark -i 2 -p -w hello.cap to capture and it works but I want to know how do i filter on a particular IP address
asked 25 Jul '12, 08:22
Please try this.
host x.x.x.x will filter only traffic from and to that IP address.
Please read the wiki for a more complete list of capture filters: