Hi, everytime I hit "start a new live capture" a set of new Ips will pop up. Whenever I press ignore on the IPS I do not want to show up ever again, they still show up whenever I do another live capture... How do I prevent this from happening? Say I want 192.168.1.215 and 239.255.255.250 to not show up again, what do I do? Also, is it possible to copy Ip addresses found in live captures to your clipboard? So you dont have to type them out? Thank you asked 20 Jan '16, 15:03  julian4445 |
One Answer:
You can apply a display filter like You can build the display filter expression step-by-step by right-clicking on a line representing a packet field (like source IP address) in the packet dissection pane and choose You cannot build display filter expressions which use pseudo-fields (such as You can save named (labelled) pre-defined display filters for single-click application in future: at the rightmost end of the line which contains the display filter form field, there is a "+" button. When you press it, another form line is inserted between the original one and the packet list pane, where the filter expression is pre-filled with a copy of the currently used one, and it is enough to fill in the "label" form field and press OK. The additional line disappears and a button with the label you've just filled in is added to the right from the "+" button. Pressing one of these "label" buttons applies the corresponding filter. There is also another button, answered 20 Jan '16, 16:08  sindy edited 20 Jan '16, 16:10 |
You're of great help, thank you! Whenever I click apply as filter and then "not selected" and I try to do it to another source IP Address, it gets rid of the current filter. How do I prevent that from happening?
Click on "Apply as Filter" and then "...and not Selected."
"Selected" or "Not Selected" will replace the current display filter. Any of the choices beginning with "..." will add to the current display filter.