Wireshark mailing list archives
Re: Need filters
From: Guy Harris <guy () alum mit edu>
Date: Wed, 23 Jun 2010 15:16:51 -0700
On Jun 23, 2010, at 2:53 PM, David H. Lipman wrote:
Command Line switches are not a god idea as this is only the beginning of filtering out process.
If he uses a command to capture traffic, and you don't want the "Microsoft noise" in the capture file, command line switches are the *ONLY* idea.
Does TShark interpret a disk file with these directives ?
To what directives are you referring? If you want to capture without filtering out the "Microsoft noise", so the noise, as well as the other traffic which you *are* interested in seeing, is in the capture file, and filter it out later, when you look at the capture file, you can use the filter "!nbns" as a read filter in TShark or a display filter in Wireshark. ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Need filters, (continued)
- Re: Need filters bart sikkes (Jun 22)
- Re: Need filters David H. Lipman (Jun 23)
- Re: Need filters M K (Jun 27)
- Re: Need filters David H. Lipman (Jun 27)
- Which is the stable version for wireshark ? Reddy Nagendra-GKTC37 (Jun 27)
- Re: Which is the stable version for wireshark ? Jaap Keuter (Jun 27)
- Re: Which is the stable version for wireshark ? Reddy Nagendra-GKTC37 (Jun 27)
- Re: Need filters David H. Lipman (Jun 23)
- Re: Need filters Jaap Keuter (Jun 23)
- Re: Need filters David H. Lipman (Jun 23)
- Re: Need filters Guy Harris (Jun 23)
- Re: Need filters David H. Lipman (Jun 23)
- Re: Need filters Guy Harris (Jun 23)
- Re: Need filters János Löbb (Jun 24)
- Re: Need filters Guy Harris (Jun 24)
- Re: Need filters David H. Lipman (Jun 24)