Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2019-09-23 06:49:09 +0000

SYN-bit gravatar image

There are two filtering engines in Wireshark:

  1. Capture filters. Capture filters are used when capturing packets from the network and will determine which packets are saved in the pcap file. Capture filters use BPF syntax (see the tcpdump manual page for more details).
  2. Display filters. Display filters are used to select which packets from the pcap file to show on the screen. Display filters have their own syntax.

As you mention capture filters, I assume you want to limit the packets saved to the pcap file. There is no tns filter in the BPF filter language, you will need to filter on ip addresses and ports. So to not capture any TNS packets, you can use not tcp port 1521. Beware that if you are capturing vlan-tagged traffic, you need to change this filter into not (vlan and tcp port 1521).

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2