Whether host 172.16.10.202, which is a capture filter, or ip.addr = 172.16.10.202, which is a display filter, is accepted as a filter depends only on where you specify the filter. The master list of display filter protocol fields can be found in the display filter reference. The basics and the syntax of the display filters are described in the User's Guide. Wireshark uses display filters for general packet filtering while viewing and for its ColoringRules. See WireShark man pages (filters) and look for Classless InterDomain Routing (CIDR) notation. Similar effects can be achieved with /16 and /24. We can filter to show only packets to a specific destination IP, from a specific source IP, and even to and from an entire subnet. With Wireshark we can filter by IP in several ways. One of the most common, and important, filters to use and know is the IP address filter.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |