This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Analyzing packets in wireshark

0

In wireshark when we capture the packets for the Wi-Fi interface, we can analyze the packets that are being sent to server side around us. In the packet data we also get the ip address and the server address. We also get the packet sent by the server which is a acknowledgement. Is there any way to only get the packets which are forwarded to server. I just dont want to see this acknowledgement packets or packets sent by the server. Is that possible?

asked 21 Oct '14, 09:43

Harish%20Vaibhav's gravatar image

Harish Vaibhav
1444
accept rate: 0%


2 Answers:

0

You can use a capture filter for that: src host <interface ip address>

Open the capture options dialog, double click the network interface, add the expression in the capture filter textbox (adding in the IP address of that interface), and watch it turn green. Click Ok and start your capture.

answered 22 Oct '14, 02:10

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

0

I would use the filter (ip.src==a.a.a.a) && (ip.dst==x.x.x.x) because it sounds like you're capturing from the client side. (where a = your capture PC's ip and x = your server's IP)

answered 22 Oct '14, 05:04

robotfish1911's gravatar image

robotfish1911
17114
accept rate: 0%