reverse grep

Chris Keladis ckeladis at gmail.com
Sun Nov 4 02:20:02 PST 2007


On 11/4/07, Gary Kline <kline at tao.thought.org> wrote:

> On Sun, Nov 04, 2007 at 01:12:45AM +0100, deeptech71 at gmail.com wrote:

> > How is it possible to select lines that do NOT match a specific pattern?
> >
> > For example, I'm connecting to 192.168.123.254 via telnet (port 23), and
> > do tcpdump -nli rl0. This causes cyclic traffic, because when tcpdump outputs
> > something, the system sends me some packets, which generates output in
> > tcpdump, and vice versa. I want to filter out packets of telnet access
> > to the FreeBSD machine, that is, something like:
> >
> >     tcpdump -nli rl0 | grep --non-matching-lines 192.168.123.254.23
>
>       % tcpdump -nli rl0 | grep -v 192.168.123.254.23
>
>       will print everything except the IP you have shown.

Actually, a better way to do it would be:

% tcpdump -nli rl0 'not (host 192.168.123.254 and port 22)'

This will prevent tcpdump from capturing your own SSH traffic.

grep -v is only a partial solution: if a switch such as '-X' (or '-x'
on some platforms) is added, grep -v will snip only the matching line,
letting all the other lines that don't match through, which will
generate traffic, get captured, and loop as previously, as well as
making the output look very nonsensical.

'man tcpdump' will be a better read in this case than man grep,
although the question was perhaps worded poorly, leading to responses
on grep.



Regards,

Chris.
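
The -X failure mode described in this reply, as an added example that is not part of the original thread: it runs grep -v and a record-aware awk filter over a constructed sample of tcpdump -X text output. The function names and the sample packets are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample of `tcpdump -n -X` text output (not a real capture):
# two packets, each a header line followed by indented hex-dump lines.
sample_capture() {
cat <<'EOF'
02:20:01.000001 IP 192.168.123.10.51000 > 192.168.123.254.23: Flags [P.], length 2
        0x0000:  4500 002a 1c46 4000 4006 a6ec c0a8 7b0a  E..*.F@.@.....{.
        0x0010:  c0a8 7bfe c738 0017 6c73                 ..{..8..ls
02:20:01.000200 IP 192.168.123.77.53124 > 192.168.123.1.53: 4242+ A? example.org. (29)
        0x0000:  4500 0039 0000 4000 4011 c2f5 c0a8 7b4d  E..9..@.@.....{M
        0x0010:  c0a8 7b01 cf84 0035 0025 0000            ..{....5.%..
EOF
}

# What `grep -v` does: removes only the header line that contains the
# pattern, so that packet's hex-dump lines stay in the output as orphans.
drop_line_only() { grep -v -F -- "$1"; }

# Record-aware filter for already-captured text: a line starting with
# non-whitespace opens a new packet; indented lines inherit the keep/drop
# decision made for their header line.
drop_whole_packet() {
    awk -v pat="$1" '
        /^[^[:space:]]/ { keep = (index($0, pat) == 0) }
        keep
    '
}

# At capture time the filter belongs in tcpdump itself. In pcap filter
# syntax `not` binds tighter than `and`, so the host/port pair is grouped.
# For the telnet session in the question (port 23) that would be:
#   tcpdump -nli rl0 'not (host 192.168.123.254 and port 23)'

echo "--- grep -v: header gone, hex dump orphaned ---"
sample_capture | drop_line_only 192.168.123.254.23
echo "--- record-aware: whole packet gone ---"
sample_capture | drop_whole_packet 192.168.123.254.23
```

The awk filter only helps when post-processing saved text; on a live session the dropped packet has already been captured and printed upstream, which is why the capture filter is the real fix.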

