This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to filter one way communication( packets/IPs)

0

Hello

  I have a capture file and in it there are some IP which have only one way traffic means traffic comes to destination but when destination reply back to source that packets are not there in that capture file. So tell me how I can find the missing packets which has no reply (means only one way traffic)

Like I have Client and server
Server = 192.168.1.10 Client1 =192.168.1.21 Client2 =192.168.1.22 Client3 =192.168.1.23 Client4 =192.168.1.24

In the file I have the packets Client1 to Server and Server to Client1 Client2 to Server and Server to Client2 Client4 to Server and Server to Client4 And only for Client3 I am getting only one way traffic means Traffic is going Client3 to Server but no Traffic is from Server to Client3

So tell me how I can filter these kind of traffic which have only one way of communication using Wireshark. In real I have a lot of clients so I want to know which client is have only one way traffic.

Thanks Regards Mudasser

asked 12 Mar '13, 03:33

togreatmind's gravatar image

togreatmind
1234
accept rate: 0%


One Answer:

2

Goto menu Statistics|Conversations. Sort the list on 'Packets A->B', or 'Packets A<-B', and see which has 0 at the one end.

answered 12 Mar '13, 03:50

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

Thanks alot dear

(12 Mar '13, 04:45) togreatmind