tshark

List unique source/destination IP addresses in pcap:

tshark -r capture.pcap -T fields -e ip.src | sort -u
tshark -r capture.pcap -T fields -e ip.dst | sort -u

Capture to a PCAP

tshark -i eth0 -w capture.pcap

CheatSheets

(covered in ads) tshark - Wireshark Command Line Cheat Sheet

PrevioustmuxNextVoice Over IP (VoIP)

Last updated