Wireshark · Wireshark-users: Re: [Wireshark-users] Wireshark Capture Filter Using Offset

Wireshark-users: Re: [Wireshark-users] Wireshark Capture Filter Using Offset

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Mon, 19 Jul 2010 23:25:28 -0700

On Jul 19, 2010, at 9:32 PM, j.snelders wrote:

> I think  the capture filter should be (but can't test it right now):
> dns[2:2]==0x2800

libpcap doesn't know about DNS, so that doesn't work.

References:
- Re: [Wireshark-users] Wireshark Capture Filter Using Offset
  - From: j.snelders

Prev by Date: Re: [Wireshark-users] Wireshark Capture Filter Using Offset
Next by Date: Re: [Wireshark-users] Wireshark Capture Filter Using Offset
Previous by thread: Re: [Wireshark-users] Wireshark Capture Filter Using Offset
Next by thread: Re: [Wireshark-users] Wireshark Capture Filter Using Offset
Index(es):
- Date
- Thread