Menu
I want to filter Wireshark's monitoring results according to a filter combination of source, destination ip addresses and also the protocol. So, right now I'm able to filter out the activity for a destination and source ip address using this filter expression: (ip.dst == xxx.xxx.xxx.xxx && ip.src == xxx.xxx.xxx.xxx) || (ip.dst == xxx.xxx.xxx.xxx && ip.src == xxx.xxx.xxx.xxx)
This gives me request response activity of the 2 ip addresses which are destination and source both depending upon whether it is a request or a response. But now, I am getting results for HTTP and TCP both. I want to see results only for HTTP.
Any suggestions how to do that?
733
(ip.dst == xxx.xxx.xxx.xxx && ip.src == xxx.xxx.xxx.xxx) || (ip.dst == xxx.xxx.xxx.xxx && ip.src == xxx.xxx.xxx.xxx) && http
179
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
