In this chapter we have learned how to use the Wireshark GUI. Then we explored what capture filters and display filters are, how to set up a capture, keeping performance in mind, and how to make use of other capturing tools such as tcpdump and snoop in production or in remote capturing. Then we learned about a few Wireshark features such as ACL rule generation, IO graph, Decode-As, exporting packets, and protocol preferences.

In the next chapter we will learn the TCP protocol and will discuss its practical use cases with a lab exercise that will help in troubleshooting common network problems (we will also provide the solution).