Hi,
How can I set up a capture filter just to capture ARP, DNS and PING? I did
it with Display filters but the same method didn't work for the Capture
filter. I'm new to Wireshark and still struggling with some easy stuff.
Nilay
___
Wireshark-users
Try
icmp or dns or arp
Regards
TRoopy
-- Original Message --
From: nilay yildirim [EMAIL PROTECTED]
Reply-To: Community support list for Wireshark wireshark-users@wireshark.org
Date: Sun, 6 Jan 2008 16:21:59 -0500
Hi,
How can I set up a capture filter
nilay yildirim wrote:
How can I set up a capture filter just to capture ARP, DNS and PING?
DNS generally means traffic to or from the Domain Name System port,
and PING generally means ICMP Echo and Echo Reply packets, so:
arp or port domain or icmp[icmptype] = icmp-echo or
Thanks. So how about if I wanted to only capture all packets to and from
10.10.10.10 ( host ip adress) but just arp, dns and ping? What does this
changes? Or I need to create another filter???
arp or port domain or icmp[icmptype] = icmp-echo or icmp[icmptype] =
icmp-echoreply
On Jan 6, 2008
@wireshark.org
Subject: [Wireshark-users] Capture filter for ARP, DNS and PING
Hi,
How can I set up a capture filter just to capture ARP, DNS and PING? I did
it with Display filters but the same method didn't work for the Capture
filter. I'm new to Wireshark and still struggling with some easy
nilay yildirim wrote:
Thanks. So how about if I wanted to only capture all packets to and from
10.10.10.10 http://10.10.10.10 ( host ip adress) but just arp, dns and
ping? What does this changes? Or I need to create another filter???
ARP packets don't go to or from IP addresses - they go to
