I am first time user. The interface is overwhelming with too many choices. I simply want to capture packets to and from a single IP on my network. When I look at Capture Filters and Display filters, and take out what I think I don't need, it quits working. I have looked at the wiki on capture and display filters, and neither were helpful. Wireshark worked when first installed it and no filters set.
To capture the traffic to and from a single IP, select the interface that contains the traffic of interest (if uncertain select them all) and then in the capture filter type:
host ip.of.interest
Note that if you're running on a typical wired network (switched) Wireshark will only be able to capture traffic between the machine you're capturing on and the IP of interest, traffic between that IP and others machines will NOT be captured.
If you're running on a Wireless network ,you might be able to capture traffic between other machines using "Monitor Mode", but this can be difficult to make work, especially using Windows as the capture machine.
There is an intro into Capture Setup on the Wiki, but it's quite technical as it's a technical task.
Asked: 2019-09-16 15:37:05 +0000
Seen: 294 times
Last updated: Sep 16 '19
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.