 | 1 | initial version |
You can use such filters to match the packet bytes, if you wish. For example:
tcp == e1:90:1f:90:c0:99:3f:0f:5b:f7:83:25:50:10:04:02:e1:eb:00:00
How useful is that? I don't know. Wireshark merely provides you with the ability to filter just about anything you want, but it's up to the user to decide what's useful or not. Other filters besides equality might be more useful though, for example:
dns contains "wireshark"
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.