![]() Wireshark provides a simple but powerful display filter language that allows us to build quite complex filter expressions. General syntax of the capture filter syntax is given below (for more details please follow official Filtering while capturing and CaptureFilters).Ī capture filter takes the form of a series of primitive expressions connected by conjunctions ( and/ or) and optionally preceded by not: The display filter (which is much more powerful and complex) will permit to search exactly the data we want. If we change our mind, we can always change the filters set to select other set of packages (but remember that we can't this way select packages rejected by first type of filters - the capture filters). Simply speaking, display filters narrow packet set from what has been recorded to what interests us now. They can be modified while data is captured.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |