Wireshark · Wireshark-users: [Wireshark-users] limit of IP filters in dumpcap

Wireshark-users: [Wireshark-users] limit of IP filters in dumpcap

From: Jianhong Xia <jianhong.xia@xxxxxxxxxxx>

Date: Tue, 18 Apr 2017 02:08:40 +0000

Hi,

I am not sure if anyone asked this question before.

I am using dumpcap to capture network traffic with thousands of clients from local sub-network. I would like to use IP filter to capture the traffic from/to selectively IP addresses. I know if I have a few IP addresses to capture, I can use

dumpcap -i en0 -f 'host x.a.b.c and host x.d.e.f and host x.g.h.i' -w traffic.pcap

However, if I have thousands of IP addresses that I want to capture their traffic, how many IP address filters that dumpcap can support?

Thanks,

Jianhong

Follow-Ups:
- Re: [Wireshark-users] limit of IP filters in dumpcap
  - From: Peter Wu

Prev by Date: [Wireshark-users] wnpa-sec-2017-04 and 2.0.12
Next by Date: [Wireshark-users] Content removed
Previous by thread: Re: [Wireshark-users] wnpa-sec-2017-04 and 2.0.12
Next by thread: Re: [Wireshark-users] limit of IP filters in dumpcap
Index(es):
- Date
- Thread