Wireshark mailing list archives
Re: Filter out a string using a display filter
From: Guy Harris <guy () alum mit edu>
Date: Fri, 14 May 2010 10:05:00 -0700
On May 14, 2010, at 4:13 AM, Panagiotis Georgopoulos wrote:
a) is there a reference table somewhere that describes these values e.g. that 0x04 is probe request and 0x05 is probe reply?
http://standards.ieee.org/getieee802/802.11.html
Look for IEEE Std 802.11-2007.
b) is there a way to instruct Wireshark to filter based on the info it presents in the info field for a packet? (which is what the user sees, so IMHO it makes much more sense)
The user sees both the Info field *and* the detailed dissection, so it makes sense to offer both the ability to filter
on the contents of the Info field *AND* on the contents of particular filterable fields.
There is currently no way to say
info contains "Probe response"
although something such as that would be a useful enhancement.
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users () wireshark org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Filter out a string using a display filter Panagiotis Georgopoulos (May 13)
- Re: Filter out a string using a display filter Anthony Murabito (May 13)
- Re: Filter out a string using a display filter Guy Harris (May 13)
- Re: Filter out a string using a display filter Panagiotis Georgopoulos (May 14)
- Re: Filter out a string using a display filter Anthony Murabito (May 14)
- Re: Filter out a string using a display filter j.snelders (May 14)
- Re: Filter out a string using a display filter Wes (May 14)
- Re: Filter out a string using a display filter Guy Harris (May 14)
- Re: Filter out a string using a display filter Guy Harris (May 13)
- Re: Filter out a string using a display filter Anthony Murabito (May 13)