Network Analysis Using Wireshark 2 Cookbook (Second Edition)

How to do it...

Follow the instructions mentioned in the Configure capture filters recipe, and configure the filters as follows:

  • For capturing packets to/from host 10.10.10.1, configure `host 10.10.10.1`.
  • For capturing packets to/from host at www.cnn.com, configure `host www.cnn.com`.
  • For capturing packets to host 10.10.10.1, configure `dst host 10.10.10.1`.
  • For capturing packets from host 10.10.10.1, configure `src host 10.10.10.1`.
  • For capturing packets to/from network 192.168.1.0/24, configure `net 192.168.1.0` or `net 192.168.1.0 mask 255.255.255.0` or `net 192.168.1.0/24`.
  • For capturing all data without broadcasts or without multicasts, configure `not broadcast` or `not multicast`.
  • For capturing packets to/from the IPv6 network 2001::/16, configure `net 2001::/16`.
  • For capturing packets to IPv6 host 2001::1, configure `host 2001::1`.
  • For capturing only ICMP packets, configure `ip proto 1`.
  • For filtering only ICMP echoes (pings), you can use ICMP message names or message codes. Configure `icmp[icmptype]==icmp-echo` or `icmp[icmptype]==8`.
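
The last two filters work on raw header bytes, which the following added example (not code from the book) makes visible by re-implementing the checks that libpcap compiles for `ip proto 1` and `icmp[icmptype]==8`. The packets are constructed samples that start at the IPv4 header (link-layer header omitted), and the function names are hypothetical.

```python
import struct

ICMP_PROTO = 1   # protocol number used by the page's "ip proto 1" filter
ICMP_ECHO = 8    # numeric value the page gives for icmp-echo

def ipv4_packet(proto, payload, options=b"", frag_offset=0):
    """Build a constructed IPv4 packet (checksum left at 0, unused here)."""
    ihl = 5 + len(options) // 4              # header length in 32-bit words
    header = struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | ihl, 0, ihl * 4 + len(payload), 0,
        frag_offset & 0x1FFF, 64, proto, 0,
        bytes([10, 10, 10, 1]), bytes([10, 10, 10, 2]))
    return header + options + payload

def match_ip_proto(pkt, proto):
    """ip proto N: an IPv4 packet whose header byte 9 equals N."""
    return len(pkt) >= 20 and pkt[0] >> 4 == 4 and pkt[9] == proto

def match_icmp_echo(pkt):
    """icmp[icmptype]==8: ICMP, not a later fragment, type byte equals 8."""
    if not match_ip_proto(pkt, ICMP_PROTO):
        return False
    # Later fragments carry no ICMP header, so libpcap rejects them here.
    if struct.unpack("!H", pkt[6:8])[0] & 0x1FFF:
        return False
    # icmptype is offset 0 of the ICMP header, which starts after a
    # variable-length IP header (IHL * 4 bytes), not at a fixed byte 20.
    icmp_start = (pkt[0] & 0x0F) * 4
    return len(pkt) > icmp_start and pkt[icmp_start] == ICMP_ECHO

# Constructed sample packets.
ECHO_REQUEST = ipv4_packet(1, bytes([8, 0, 0, 0, 0, 1, 0, 1]) + b"ping")
ECHO_REPLY = ipv4_packet(1, bytes([0, 0, 0, 0, 0, 1, 0, 1]) + b"ping")
# TCP segment whose source port is 2048 (0x0800), so its first byte is also 8.
TCP_SEGMENT = ipv4_packet(6, struct.pack("!HH", 2048, 80) + bytes(16))
# Echo request behind four bytes of IP options (IHL = 6).
ECHO_WITH_OPTIONS = ipv4_packet(1, bytes([8, 0, 0, 0, 0, 1, 0, 1]),
                                options=b"\x01\x01\x01\x01")
# Later fragment of an ICMP datagram whose data happens to start with 8.
LATER_FRAGMENT = ipv4_packet(1, bytes([8]) + bytes(7), frag_offset=1)

if __name__ == "__main__":
    for name in ("ECHO_REQUEST", "ECHO_REPLY", "TCP_SEGMENT",
                 "ECHO_WITH_OPTIONS", "LATER_FRAGMENT"):
        pkt = globals()[name]
        print(f"{name:18} ip proto 1={match_ip_proto(pkt, 1)!s:5} "
              f"icmp echo={match_icmp_echo(pkt)}")
```

The echo reply and the later fragment both pass `ip proto 1` but not the echo filter, which is the practical difference between the two entries when you only want to capture pings.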