The following tshark script captures the incoming or source IP addresses on a server and logs it in a text file.
tshark -i eth0 -R “ip.dst==192.168.1.25” -T Fields -e ip.src -a duration:30>output.txt
The above script captures tshark on the eth0 interface on the server (tshark –i eth0) with a read filter applied to capture IP packets with destination address in the header as 192.168.1.25, which in this case is the servers IP address(-R ip.dst=’=192.168.1.25’), retrieves the source IP address in the packets (-T fields –e ip.src) , for 30 second duration (-a duration:30), and writes the source IP address values to the output.txt file (output.txt)
Online Python Network Programming Course
Recommended Ebook – Building Network Monitoring tools with Python and Tshark
Learn to make custom tools and scripts with Python – Python Network programming