reverse grep

Chris Keladis ckeladis at
Sun Nov 4 02:20:02 PST 2007

On 11/4/07, Gary Kline <kline at> wrote:

> On Sun, Nov 04, 2007 at 01:12:45AM +0100, deeptech71 at wrote:

> > How is it possible to select lines that do NOT match a specific pattern?
> >
> > For example, I'm connecting to via telnet (port 23), and
> > do tcpdump -nli rl0. This cyclic traffic, becuase when tcpdump outputs
> > something, the system sends me some packets, which generates output in
> > tcpdump, and vice versa. I want to filter out packets of telnet access
> > to the FreeBSD machine, that is, something like:
> >
> >     tcpdump -nli rl0 | grep --non-matching-lines
>       % tcpdump -nli rl0 | grep -v
>       will print everything except the IP you have shown.

Actually, a better way to do it would be:

% tcpdump -nli rl0 'not host and port 22'

Will prevent tcpdump from capturing your own SSH traffic.

grep -v is only a partial solution, if a switch such as '-X' (or '-x'
on some platforms) is added, grep -v will snip only the matching line,
leaving all the other lines that don't match, through, which will
generate traffic, get captured, and loop as previously, as well as
making the output look very non-sensical.

'man tcpdump' will be a better read in this case than man grep,
although the question was perhaps worded poorly, leading to responses
on grep.



More information about the freebsd-questions mailing list