Wireshark · Ethereal-users: Re: [Ethereal-users] Capture QUestion

Ethereal-users: Re: [Ethereal-users] Capture QUestion

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Wed, 5 Nov 2003 22:30:14 -0800

On Wed, Nov 05, 2003 at 05:46:44PM -0500, Eric Chunn wrote:
> If I want to capture packets between 2 devices, i.e 192.168.1.3  and
> 10.1.20.20, how would you do that?

Either by running a packet capture program on one of those devices or,
if the network they're on is a shared network, so that you can do
"third-party" snooping (Ethereal, for example, is a shared network),
plugging some other machine that network and running a capture program
on that machine.

Note, however, that the second one won't necessarily work automatically
on Ethernets:

	http://www.ethereal.com/faq.html#q5.1

> Would you need to create a filter

Only if you didn't want to capture any traffic *other* than packets
between those devices and there was such traffic.

> And if so what would the string look like?

	host 192.168.1.3 and host 10.1.20.20

References:
- [Ethereal-users] Capture QUestion
  - From: Eric Chunn

Prev by Date: [Ethereal-users] Capture QUestion
Next by Date: [Ethereal-users] X.25
Previous by thread: [Ethereal-users] Capture QUestion
Next by thread: [Ethereal-users] X.25
Index(es):
- Date
- Thread