Hi every body, I want to know how I could filter a large group of ip addresses (in a Listener) which I can't filter them using a network notation like(ip.addr==10.0.0.0\8) because they are from different networks, and it will be too long to write them manually like this(ip.addr==141.55.12.13 or ip.addr==212.67.108.5 or ....) Thanks asked 04 Dec '12, 23:30  Leena |
2 Answers:
Under Linux you can use sed to replace the new lines in a given text file with a string of your choice, e.g. will replace each new line with " or ip.addr==" giving you a near working filter string for your shark, you just have to apply another "ip.addr==" just in front of the output before the very first IP address. Under windows I do exactly the same Task using e.g. notepad++ with string replace using the radio button "enhanced search", which makes it able to search for \r\n and replace this with or 'ip.addr==' Of course you can extend this by scripting the complete process, but that does the job in a very quick manner... answered 05 Dec '12, 01:33  Landi edited 05 Dec '12, 01:33 |
You got the slash backwards, otherwise your idea is good. Use ip.addr==10.0.0.0/8, and you're good to go. answered 04 Dec '12, 23:34  Jasper ♦♦ 1 He was saying that the IPs are NOT inside a CIDR notable subnet because in different networks (05 Dec '12, 00:13) Landi this is exactly what I mean Landi. Thanks Jasper for the correction (05 Dec '12, 00:34) Leena Okay, I wasn't awake when I read the question I think :-) (05 Dec '12, 01:28) Jasper ♦♦ |
where do you have the IP addresses, inside a text file or something line by line?
you can say it inside a text file