 | 1 | initial version |
The wireshark-filter man page is probably the best place to go for a description of the slice operator. But using the slice operator requires that you know much more information about the field such as its offset and length than simply filtering by field name, so in general I'd say that using the field name is going to be much easier and convenient in most cases.
| | 2 | No.2 Revision |
The wireshark-filter man page is probably the best place to go for a description of the slice operator. But using the slice operator requires that you know much more information about the field such as its offset and length than simply filtering by field name, so in general I'd say that using the field name is going to be much easier and more convenient in most cases.
