Wireshark · Wireshark-users: Re: [Wireshark-users] how to filter a port?

Wireshark-users: Re: [Wireshark-users] how to filter a port?

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Mon, 26 Feb 2007 02:37:18 -0800

David Drexler wrote:

It's either to or from 'http'.  I also tried

tcp.port != 80
same results. I want to run the capture realtime and only see thetraffic that interests me.

Then you'll need to find out what ports the traffic is going to orcoming from - capture filters only work at that level.

The Wireshark HTTP dissector checks for traffic to or from the followingports:


	80, 1900, 3128, 3132, 8080, 8088, 11371

If you filter all of them out, with, for example:

	not port 80 and not port 1900 and not port 3128 and ...

that should exclude traffic that Wireshark classifies as HTTP.

References:
- [Wireshark-users] how to filter a port?
  - From: David Drexler
- Re: [Wireshark-users] how to filter a port?
  - From: Jeff Morriss
- Re: [Wireshark-users] how to filter a port?
  - From: David Drexler

Prev by Date: Re: [Wireshark-users] how to filter a port?
Next by Date: Re: [Wireshark-users] Gr Interface
Previous by thread: Re: [Wireshark-users] how to filter a port?
Next by thread: [Wireshark-users] test
Index(es):
- Date
- Thread