 | 1 | initial version |
The filter is the easy part; the capture setup is the harder part.
A Wireshark capture filter uses pcap-filter syntax, so you could specify a capture filter something like, host 192.168.1.26 and host 192.168.1.1. Such a capture filter would only capture traffic between these 2 host endpoints.
If instead you want to capture more than just the traffic between those 2 endpoints and filter traffic later using a Wireshark display filter, then you could post-apply one using the Wireshark display filter syntax. An example of a display filter to only display traffic between the aforementioned 2 endpoints is, ip.addr eq 192.168.1.26 and ip.addr eq 192.168.1.1.
As I mentioned above though, the capture setup part is probably going to be the harder problem for you to solve, because you need to be able to capture the wireless traffic between the iPad and router, and for that, you'll need a device with a wireless card capable of being placed into monitor mode so the relevant wireless traffic can be captured. Perhaps a good place to get started with that is by visiting the WLAN (IEEE 802.11) capture setup wiki page.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
