This is our old Q&A Site. Please post any new questions and answers at

I'm looking for the syntax to do a capture filter on WireShark, by capturing the traffic on several (specific) IP addresses. I understand how to capture a range, and an individual IP address. However, the application I am capturing on is spread of a 'bucket' of IP addresses/servers, of which other applications are based within the same range. See my example:

ECommerce App Servers:,, - This is what I want to capture on (filtered on these exact IPs) I have tried 'host host' etc. There are other applications within this range, e.g. PayRoll App is on, and I don't want to see any of this in my capture. Therefore 'net' to capture the whole range will not work for me.

an anyone provide me the syntax? Is it even possible?

asked 13 Jun '11, 08:08

scankified's gravatar image

accept rate: 0%

Yes, you can use the capture filter:

host or host or host

Or even shorter:

host or or

If you want to capture a whole subnet, but one IP, you can use:

net and not host

Hope this helps!

permanent link

answered 13 Jun '11, 08:14

SYN-bit's gravatar image

SYN-bit ♦♦
accept rate: 20%

edited 13 Jun '11, 10:37

This codes not working host ip and others I using a 1.12.8 version

(10 Nov '15, 07:47) harutokawasaki

What's not working? Note you should really raise your own question, not piggy back on another, and in it show the exact filter that doesn't work for you

(10 Nov '15, 08:05) grahamb ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 13 Jun '11, 08:08

question was seen: 50,915 times

last updated: 10 Nov '15, 08:06

p​o​w​e​r​e​d by O​S​Q​A