Wireshark-users: Re: [Wireshark-users] Display filters for application protocols

From: Sake Blok <sake@xxxxxxxxxx>
Date: Tue, 8 Mar 2011 20:06:14 +0100

On 8 Mar 2011, at 19:43, Lukáš Oliva wrote:

> Actually, this is what I somehow expected. Is there a way to filter
> out just the packets I want? Like: filter out all frames containing
> LIR message but display only LIR messages?

I think you can do it with:

diameter.cmd.code==302 and not diameter.cmd.code!=302

> I mean could I somehow
> filter this using capture filters (I think this is not possible, but
> just to be sure)

Capture filters are limited to (reasonably) fixed offsets to look for stuff, so it will not work with capture filters....

> or how to use display filters with some more precise
> configuration saying display LIR messages only?

Why don't you give the above filter a shot and if it does not work, send a little tracefile with the frame you DO and the frames you DON'T want and I'll give it another shot...
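
The following is an added example, not part of the original message or of Wireshark's code: a small Python model of why the double-negated filter in the reply keeps only frames whose Diameter messages are all LIR. It assumes the semantics the reply relies on, where a comparison on a field that occurs several times in one frame is true if any occurrence satisfies it; the sample payloads, the non-LIR code 300 and all function names are constructed for illustration.

```python
import struct

LIR = 302  # command code used in the filter from the reply

def diameter_msg(cmd_code, request=True):
    """Constructed sample: a bare 20-byte Diameter header (RFC 6733), no AVPs."""
    flags = 0x80 if request else 0x00
    return (bytes([1]) + (20).to_bytes(3, "big") + bytes([flags])
            + cmd_code.to_bytes(3, "big")
            + struct.pack(">III", 16777216, 1, 1))  # app id, hop-by-hop, end-to-end

def command_codes(payload):
    """Walk back-to-back Diameter messages in one payload; return their command codes."""
    codes, off = [], 0
    while off + 20 <= len(payload):
        version = payload[off]
        length = int.from_bytes(payload[off + 1:off + 4], "big")
        if version != 1 or length < 20 or off + length > len(payload):
            break  # not Diameter or truncated: stop instead of guessing
        codes.append(int.from_bytes(payload[off + 5:off + 8], "big"))
        off += length
    return codes

def any_eq(codes, value):
    """Models diameter.cmd.code==value: true if ANY occurrence equals value."""
    return any(c == value for c in codes)

def any_ne(codes, value):
    """Models diameter.cmd.code!=value: true if ANY occurrence differs."""
    return any(c != value for c in codes)

def only_lir(codes):
    """Models: diameter.cmd.code==302 and not diameter.cmd.code!=302"""
    return any_eq(codes, LIR) and not any_ne(codes, LIR)

# Constructed frames: one payload may carry several Diameter messages.
FRAMES = {
    "lir_only": diameter_msg(302),
    "lir_plus_other": diameter_msg(302) + diameter_msg(300),
    "two_lir": diameter_msg(302) + diameter_msg(302, request=False),
    "other_only": diameter_msg(300),
}

def select(predicate):
    """Names of the frames a filter predicate would display."""
    return [name for name, p in FRAMES.items() if predicate(command_codes(p))]

if __name__ == "__main__":
    print("==302 alone     :", select(lambda c: any_eq(c, LIR)))
    print("reply's filter  :", select(only_lir))
```

Newer Wireshark releases (3.6 onward) redefine `!=` as the negation of `==`, so this model describes the semantics in use when the reply was written.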

