As part of a lab exercise that I am doing, I have been asked: using tcpdump, read the packets from tcpdumpep1.pcap and filter packets from IP address 184.107.41.72 and port 80. Write these packets to a new file.
I tried the following, but I'm getting a syntax error:
$ tcpdump -r tcpdumpep1.pcap -w output.txt host 184.107.41.72 port 80
reading from file tcpdumpep1.pcap, link-type EN10MB (Ethernet)
tcpdump: syntax error in filter expression: syntax error
tcpdump takes a filter predicate, meaning it expects a logic expression with a boolean value once executed on a packet.
Here, it returns a syntax error because you're missing a logical and:
tcpdump -r tcpdumpep1.pcap -w output.txt host 184.107.41.72 and port 80
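What the corrected predicate `host 184.107.41.72 and port 80` evaluates for each packet, as an added example that is not part of the answer above and is not tcpdump's own code. It assumes a little-endian classic pcap file with Ethernet/IPv4 frames; the function names and the four sample frames are constructed for illustration.

```python
import socket
import struct

PCAP_HDR = struct.Struct("<IHHiIII")  # magic, major, minor, thiszone, sigfigs, snaplen, linktype
REC_HDR = struct.Struct("<IIII")      # ts_sec, ts_usec, incl_len, orig_len

def matches(frame, host, port):
    """Evaluate `host H and port P` on one Ethernet/IPv4 frame."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":        # not IPv4
        return False
    if struct.unpack("!H", frame[20:22])[0] & 0x1FFF:         # later fragment: no L4 header
        return False
    l4 = 14 + (frame[14] & 0x0F) * 4                          # skip IP header (IHL in words)
    if frame[23] not in (6, 17, 132) or len(frame) < l4 + 4:  # TCP, UDP, SCTP carry ports
        return False
    sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    addr = socket.inet_aton(host)
    # `host` and `port` each match either direction; `and` requires both to hold.
    return addr in (frame[26:30], frame[30:34]) and port in (sport, dport)

def filter_pcap(data, host, port):
    """Return (new_pcap_bytes, kept_count), like `tcpdump -r in -w out <filter>`."""
    if PCAP_HDR.unpack_from(data)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    out, kept, off = bytearray(data[:PCAP_HDR.size]), 0, PCAP_HDR.size
    while off + REC_HDR.size <= len(data):
        end = off + REC_HDR.size + REC_HDR.unpack_from(data, off)[2]
        if matches(data[off + REC_HDR.size:end], host, port):
            out += data[off:end]          # copy record header and packet unchanged
            kept += 1
        off = end
    return bytes(out), kept

def frame(src, dst, sport, dport):
    """Constructed sample: minimal Ethernet + IPv4 + TCP SYN frame."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    frames = [frame("184.107.41.72", "10.0.0.5", 80, 40000),   # host and port: kept
              frame("10.0.0.5", "184.107.41.72", 40000, 80),   # reverse direction: kept
              frame("184.107.41.72", "10.0.0.5", 443, 40001),  # host only: dropped
              frame("10.0.0.9", "10.0.0.5", 80, 40002)]        # port only: dropped
    body = b"".join(REC_HDR.pack(0, 0, len(f), len(f)) + f for f in frames)
    return PCAP_HDR.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + body

if __name__ == "__main__":
    out, kept = filter_pcap(sample_pcap(), "184.107.41.72", 80)
    print(f"kept {kept} of 4 packets, {len(out)} bytes written")
```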