Wireshark · Wireshark-users: Re: [Wireshark-users] Help on capturing packets for a particular host

Wireshark-users: Re: [Wireshark-users] Help on capturing packets for a particular host

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Wed, 30 Jul 2008 10:09:41 -0700


On Jul 30, 2008, at 9:50 AM, Abhik Sarkar wrote:

I think if you also added a -f argument with "tcp port
whatever_port_your_webserver_listens_on", I think it should at least
not capture the other traffic.


And if the -f argument you add is

-f "host 10.146.175.235 and tcp portwhatever_port_your_webserver_listens_on"

(where "whatever_port_your_webserver_listens_on " is probably 80...)it will only capture Web traffic to or from 10.146.175.235. If youneed more than one port, try, for example,


	-f "host 10.146.175.235 and (tcp port 80 or tcp port 443)"

if you need ports 80 and 443.

References:
- [Wireshark-users] Help on capturing packets for a particular host
  - From: Arnab Ganguly
- Re: [Wireshark-users] Help on capturing packets for a particular host
  - From: Abhik Sarkar

Prev by Date: Re: [Wireshark-users] Convert Pcap to text file using command line urgent
Next by Date: [Wireshark-users] TCP conversations
Previous by thread: Re: [Wireshark-users] Help on capturing packets for a particular host
Next by thread: [Wireshark-users] mcs in 802.11n
Index(es):
- Date
- Thread