1. Filter by IP Address:
To show traffic to or from a specific IP address, use the following display filter:
ip.addr == x.x.x.x
2. Filter by Port:
To show traffic on a specific port, use the following filter:
tcp.port == 80 # for HTTP
udp.port == 53 # for DNS
3. Filter by Protocol:
To filter traffic by a specific protocol, use:
ip.proto == 6 # for TCP
ip.proto == 17 # for UDP
4. Filter by MAC Address:
To show traffic to or from a specific MAC address, use:
eth.addr == xx:xx:xx:xx:xx:xx
5. Filter by Host:
To find DNS queries for a specific hostname, use:
dns.qry.name == "example.com"
6. Filter by HTTP Traffic:
To show only HTTP traffic, use:
http
7. Filter by ARP Traffic:
To show only ARP traffic, use:
arp
8. Filter by ICMP Traffic:
To show only ICMP (ping) traffic, use:
icmp
9. Filter by Packet Length:
To show packets of a specific length, use:
frame.len == 1500
10. Filter by Source and Destination:
To show traffic sent from one specific IP address to another, use:
ip.src == x.x.x.x and ip.dst == y.y.y.y
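How the address filters in items 1 and 10 differ, as an added Python sketch that is not part of the original page and is not Wireshark's own code. It parses constructed frames (addresses from the documentation ranges, made-up MAC addresses) and applies the same field comparisons; the function names are hypothetical.

```python
import socket
import struct

def build_frame(src_ip, dst_ip, proto, sport, dport):  # constructed test frame
    if proto == 6:  # TCP: ports, seq, ack, offset/flags (SYN), window, csum, urg
        l4 = struct.pack("!HHIIHHHH", sport, dport, 0, 0, 0x5002, 1024, 0, 0)
    else:           # UDP: ports, length, checksum
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    eth = bytes.fromhex("020000000002020000000001") + b"\x08\x00"  # dst, src, IPv4
    return eth + ip + l4

def fields(frame):
    """Extract the fields that the filters on this page compare against."""
    f = {"frame.len": len(frame),
         "eth.addr": {frame[0:6].hex(":"), frame[6:12].hex(":")}}
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # not IPv4
        return f
    ihl = (frame[14] & 0x0F) * 4
    f["ip.proto"] = frame[23]
    f["ip.src"] = socket.inet_ntoa(frame[26:30])
    f["ip.dst"] = socket.inet_ntoa(frame[30:34])
    f["ip.addr"] = {f["ip.src"], f["ip.dst"]}  # matches in either direction
    name = {6: "tcp.port", 17: "udp.port"}.get(f["ip.proto"])
    if name and len(frame) >= 14 + ihl + 4:
        f[name] = set(struct.unpack_from("!HH", frame, 14 + ihl))  # src and dst port
    return f

def ip_addr(f, ip):            # ip.addr == ip
    return ip in f.get("ip.addr", ())

def src_dst(f, a, b):          # ip.src == a and ip.dst == b
    return f.get("ip.src") == a and f.get("ip.dst") == b

def both_ways(f, a, b):        # ip.addr == a and ip.addr == b
    return ip_addr(f, a) and ip_addr(f, b)

def count(frames, pred, *args):
    return sum(1 for fr in frames if pred(fields(fr), *args))

# Constructed sample traffic; addresses are from the documentation ranges.
A, B, C = "192.0.2.10", "198.51.100.20", "203.0.113.5"
FRAMES = [build_frame(A, B, 6, 49152, 80),   # request A -> B
          build_frame(B, A, 6, 80, 49152),   # reply   B -> A
          build_frame(A, C, 17, 53000, 53)]  # DNS query A -> C

if __name__ == "__main__":
    print(count(FRAMES, ip_addr, A), count(FRAMES, src_dst, A, B), count(FRAMES, both_ways, A, B))
```

The `ip.src`/`ip.dst` pair matches only the request, so the reply is missed; comparing `ip.addr` against both addresses keeps both directions of the conversation.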