![]() ![]() ![]() This dialogue box opens when the term 'Expression' is right-clicked in the filter toolbar. Initially, it is easier to use Wireshark's Expression Builder dialogue box to add an expression to the display filter. Condition 1 states that the source IP address of the packets must be 10.17.2.5 and condition 2 specifies that the protocol must be TCP and the destination port must be 80.Īny number of conditions can be linked to further limit the selection of traffic displayed.Īs a skilled Wireshark user, expressions can be applied freely from memory. In this example, the conditions are linked with 'and'. Wireshark's filter syntax provides for parentheses, logical operators such as 'and' 'or', and comparison operators such as = or !=.įor example, if you want to show 'any TCP traffic from IP address 10.17.2.5 to port 80', the translation to Wireshark's filter syntax is ip.src = 10.17.2.5 and tcp.dstport = 80. In addition to using simple filters, conditions can also be linked. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |