Menu
Suppose I have a pattern like
01:02:(anything):04:05
How can I construct a display filter in wireshark to filter it out?
Must I do this?
data[0:2]==01:02 and data[3:2]==04:05
300
asked Sep 08 '25 14:09
To use wildcard, you may use . (dot).
Both the searches below will give same result,
data.data ~ "Hello World"
data.data ~ He..o.Wor.d
In your case 01:02:(anything):04:05, if we do not know length of (anything) this may not work.
81
answered Sep 10 '25 06:09
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With