Wireshark · Wireshark-users: [Wireshark-users] Wireshark capture filters

Wireshark-users: [Wireshark-users] Wireshark capture filters

From: Michael Bann <mbann@xxxxxxxxxxxx>

Date: Wed, 28 Mar 2007 13:51:33 -0500

Hey folks,

I am looking into the possibility of using wireshark terminal (stillcalled "tethereal" on my computer) for some basic security automation.The problem is two-fold.

- First, I need to know how feasible it would be to have possiblyaround 1000 capture filters. They would all be of the form "dst host<dst ip> and src host <src ip> and not ether dst host <dst host ether>".Suppose it could be considered an arp poisoning test. Would that manyrules grind tethereal to a halt?- Secondly, how can i load capture filters from a file (using tetherealin my case). I have some capture filters saved in the cfilter file, butthey don't seem to be getting loaded. (of the form "filter" <actualfilter line>\n)


Thanks in advance!

Mike

Follow-Ups:
- Re: [Wireshark-users] Wireshark capture filters
  - From: Guy Harris

Prev by Date: Re: [Wireshark-users] Multiple HTTP Requests in 1 Pkt
Next by Date: Re: [Wireshark-users] Wireshark capture filters
Previous by thread: Re: [Wireshark-users] Multiple HTTP Requests in 1 Pkt
Next by thread: Re: [Wireshark-users] Wireshark capture filters
Index(es):
- Date
- Thread