Revision history [back]

I am new to wireshark and like to filter dns & ldap with source and destination IP. Below filters sooner i apply them to execute , Wireshark filter field turns into yellow with tangle mark.

dns or ldap and (ip.src==10.0.20.62) dns or ldap and (ip.dst==10.0.20.62)

When i try with individual filter , it works fine but i need to two times and its time consuming process as our cap file is more then 30 GB.

dns and (ip.src==10.0.20.62) ldap and (ip.src==10.0.20.62)

Is there are any way to combine both the protocols in one filter command against Ip.src or ip.dst to avoid running two times.

Kindly advice how to correct the filters as i am stringing from past days.

Thanks a lot in advice, Suvajit Basu

I am new to wireshark and like to filter dns & ldap with source and destination IP. Below filters sooner i apply them to execute , Wireshark filter field turns into yellow with tangle mark.

dns or ldap and (ip.src==10.0.20.62) dns or ldap and (ip.dst==10.0.20.62)

When i try with individual filter , it works fine but i need to two times and its time consuming process as our cap file is more then 30 GB.

dns and (ip.src==10.0.20.62) ldap and (ip.src==10.0.20.62)

Is there are any way to combine both the protocols in one filter command against Ip.src or ip.dst to avoid running two times.

Kindly advice how to correct the filters as i am stringing struggling from past days.

Thanks a lot in advice, Suvajit Basu

I am new to wireshark and like to filter dns & ldap with source and destination IP. Below filters sooner i apply them to execute , Wireshark filter field turns into yellow with tangle mark.

dns or ldap and (ip.src==10.0.20.62) dns or ldap and (ip.dst==10.0.20.62)

When i try with individual filter , it works fine but i need to two times and its time consuming process as our cap file is more then 30 GB.

dns and (ip.src==10.0.20.62) ldap and (ip.src==10.0.20.62)

Is there are any way to combine both the protocols in one filter command against Ip.src or ip.dst to avoid running two times.

Kindly advice how to correct the filters as i am struggling from past days.

Thanks a lot in advice, Suvajit Basu

I am new to wireshark and like to filter dns & ldap with source and destination IP. Below filters sooner i apply them to execute , Wireshark filter field turns into yellow with tangle mark.

dns or ldap and (ip.src==10.0.20.62) (ip.src==10.0.20.62)
dns or ldap and (ip.dst==10.0.20.62)

When i try with individual filter , it works fine but i need to two times and its time consuming process as our cap file is more then 30 GB.

dns and (ip.src==10.0.20.62) (ip.src==10.0.20.62)
ldap and (ip.src==10.0.20.62)

Is there are any way to combine both the protocols in one filter command against Ip.src or ip.dst to avoid running two times.

Kindly advice how to correct the filters as i am struggling from past days.

Thanks a lot in advice, Suvajit Basu

I am new to wireshark and like to filter dns & ldap with source and destination IP. Below filters sooner i apply them to execute , Wireshark filter field turns into yellow with tangle mark.

dns or ldap and (ip.src==10.0.20.62) 
 
dns or ldap and (ip.dst==10.0.20.62)
(ip.dst==10.0.20.62)

dns and (ip.src==10.0.20.62) 
 
ldap and (ip.src==10.0.20.62)
(ip.src==10.0.20.62)