This seems to be quite a trivial problem, but after some searching I can't stil figure out the answer. One can run tcpdump using "any" as the interface description, ie:
# tcpdump -i any -n host 192.168.0.1
Is there any way to force tcpdump to show on which interface displayed packet was captured?
Update:
As more people confirmed this is probably not possible with vanilla tcpdump, can someone propose a solution to mentioned problem? Perhaps different sniffer?
General issue is as follows: On a system with 50 interfaces determine what is inbound interface for packets coming from specific ip address.
Best Answer
I hope somebody is still interested in the solution to the problem. ;) We had the same issue in our company and I started writing a script for this.
I wrote a blog post about it with the source code and a screenshot.
I've also shared it below...
And the code: (Be sure to check my site for future updates)