how can tell tcpdump to not include the port numbers in the output? Right now it includes the resolved IP + resolved port. I just need the resolved IP address (hostnames)
I'm not a very experienced script writer at all. I did find some useful hints in generating an stdout from tcpdump that generates a live feed if you will which is what I want, the problem is handling the out output and generate dig/DNS queries against another DNS server for a lab.
I'm running a KVM instance inside of OpenStack, and it isn't getting an IP address from the DHCP server.
Using tcpdump, I can see the request and reply packets on vnet0 of the compute host:
# tcpdump -i vnet0 -n port 67 or port 68
tcpdump: WARNING: vnet0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vnet0, link-type EN10MB (Ethe
tcpdump -v src host <IP address> and port <port number> >>out.txt 2>>err.txt -w capture.cap
on multiple IP-s while the other parts of the script initiates some traffic in the background.
We want check if packets are coming back to us, and examine manually only those cases when we receive packages.