Ask Your Question

Chris Rudd's profile - activity

overview network karma followed questions activity
2018-07-12 20:24:11 +0000 marked best answer many to many comparision [display private networks as example]

I'm looking for the best way to do a many to many comparison in wireshark. In this case I want to limit the display filter to only show internal only traffic.


This way doesn't work
(ip.src && ip.dst) == (192.168.0.0/16 || 172.16.0.0/12 || 10.0.0.0/8)

And while this other way works, it will become very difficult to read and manage once you start adding your individual exclusions from vpns and add in your dmz(s)
(ip.src == 192.168.0.0/16 || ip.src == 172.16.0.0/12 || ip.src == 10.0.0.0/8) && (ip.dst == 192.168.0.0/16 || ip.dst == 172.16.0.0/12 || ip.dst == 10.0.0.0/8)


Also I know this specific case should probably a capture filter instead, I'm just using this as an example to explore this question for display filters since they're more widely used for a lot of things.

And a side question, how do I save a display filter expression for common use?
2018-04-13 17:13:27 +0000 received badge  Editor (source)
2018-04-13 17:13:27 +0000 edited question many to many comparision [display private networks as example]

many to many comparision [display private networks only] I'm looking for the best way to do a many to many comparison in
2018-04-13 16:59:09 +0000 asked a question many to many comparision [display private networks as example]

many to many comparision [display private networks only] I'm looking for the best way to do a many to many comparison in
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2