Chapter 3. Using Display Filters
In this chapter you will learn the following:
- Configuring display filters
- Configuring Ethernet, ARP, host, and network filters
- Configuring TCP/UDP filters
- Configuring specific protocol filters
- Configuring substring operator filters
- Configuring macros
Introduction
In this chapter we will learn how to work with display filters. Display filters are filters that we apply after capturing data (filtered by capture filters or not), and when we wish to display only part of the data.
Display filters can be implemented in order to locate various types of data:
- Parameters such as the IP address, TCP or UDP port numbers, URLs, and server names
- Conditions such as "packet length shorter than..." and the TCP port range
- Phenomena such as ...
Get Network Analysis Using Wireshark Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
