 | 1 | initial version |
We'll need to go back to the basics for this. Wireshark has one way to get to show you packets; reading them from a file. While reading them from a file you can apply display filters, which allows you to limit what's shown.
To get packets into a capture file to be shown, Wireshark offers you the capability to capture packets from interfaces. While capturing you can apply capture filters, which allows you to limit what's getting saved in the capture file.
I think you're confusing the two cases, you're clearly dealing with the first while trying to work the second. It seems that the filter expressions given to you are display filter expressions, so they should be entered in the display filter text box. When that AIX iptrace file is loaded you would get a filtered view of the packets in there when applying the display filter.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
