 | 1 | initial version |
There are filters for both ip address (ip.addr) and tcp port (tcp.port) that will filter both "directions" for the respective protocols, e.g.
ip.addr == 1.2.3.4 is equivalent to (ip.src == 1.2.3.4 || ip.dst == 1.2.3.4)
and
tcp.port == 12345 is equivalent to (tcp.srcport == 12345 || tcp.dstport == 12345)
Similarly there are udp.port and sctp.port fields, and probably many others I've never need to use.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
