Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 11860] Display filter operator != not working as exepected

Wireshark-bugs: [Wireshark-bugs] [Bug 11860] Display filter operator != not working as exepected

Date: Mon, 07 Dec 2015 12:16:54 +0000

Comment # 3 on bug 11860 from hvgeekwtrvl@gmail.com

Guy and Pascal thanks for the information.

The confusion lies in the issue that you are not treating the != and ==
operators in the same fashion and it's probably due to the way the search is
written.

In the case of 'ip.addr == x.x.x.x' you are treating this as an OR 'ip.src ==
x.x.x.x OR ip.dst == x.x.x.x' versus the 'ip.addr != x.x.x.x' is being treated
as an AND 'ip.src != x.x.x.x AND ip.dst != x.x.x.x).

>From the logic presented this is probably happening as it sounds like the
search in both cases is being done as 'ip.src == x.x.x.x OR ip.dst == x.x.x.x'
and then being taken as the result or negated if the != operator is present
instead of actually making the search 'ip.src != x.x.x.x OR ip.dst != x.x.x.x'.
 This is backed up by the documentation snippet which Pascal linked too as the
'==' search is an OR condition and the '!=' is an AND condition.

It would be more consistent if your searches were all OR's or all AND's.

Thank you for the clarification.

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 11860] New: Display filter operator != not working as exepected
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 11860] Display filter operator != not working as exepected
Next by Date: [Wireshark-bugs] [Bug 11859] Can't extract file included in HTTP upload
Previous by thread: [Wireshark-bugs] [Bug 11860] Display filter operator != not working as exepected
Next by thread: [Wireshark-bugs] [Bug 11860] Display filter operator != not working as exepected
Index(es):
- Date
- Thread