Ethereal-users: Re: [Ethereal-users] Only Sniffing ONE Machine

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "John A. Beach" <john@xxxxxxxxxxxxx>
Date: Sun, 2 Jun 2002 14:49:29 -0400
Open the "Capture" dialog and click the "Filter" button to create a
capture filter.  Type in "Host <hostname>" for all traffic and "IP Host
<hostname>" for all IP traffic.

Ethereal uses the same packet capture syntax as WinDump.  Check out the
WinDump docs here:

   http://windump.polito.it/docs/manual.htm#Wdump


-jb


Sunday, June 2, 2002, 2:34:24 PM, you wrote:

JH> Greetings from the great State of Misery, err Missouri. :)

JH> Is there a way to setup a filter so that Ethereal only looks at ONE IP
JH> on the network?

JH> We ran into a problem this week with SOMETHING being sent to one of our
JH> HP Jetdirect boxes over and over again and we needed to find out the
JH> source IP.

JH> We used Ethereal (that gets installed with RH 7.3) and it worked fine -
JH> but just wanted to know if there was a way to only sniff one IP address
JH> that we happen to be having problems with so we don't have to wade thru
JH> the entire log.

JH> Thanks!

JH> Jim Hale
JH> ---
JH> Jim & Kathy's Website Collection
JH> http://hale.dyndns.org 


JH> _______________________________________________
JH> Ethereal-users mailing list
JH> Ethereal-users@xxxxxxxxxxxx
JH> http://www.ethereal.com/mailman/listinfo/ethereal-users