Fantastic Mr Fox
Reputation: 33864
Wireshark capture communication between devices on specified IP addresses
Using wire shark, how can capture or filter communication between two devices on a larger network. Eg, say we have this system:
PC1 ----|
|
| ______
PC2 ----|---| |--- Special Device
| |Router|
| |______|
PC3 ----|
If i want the packets of communication between PC1 (ip 139.136.59.13) and the Special device (ip 139.136.59.14). What is the filter command?
Upvotes: 1
Views: 608
Answers (1)
mjs
Reputation: 3005
While you can use filters such as
(ip.src == 139.136.59.13 && ip.dst == 139.136.59.14) ||
(ip.dst == 139.136.59.13 && ip.src == 139.136.59.14)
This is complex. Better is to use ip.addr which will match on either src or dst:
(ip.addr == 139.136.59.13 && ip.addr == 139.136.59.14)
Upvotes: 1
Related Questions
- How to filter by IP address in Wireshark?
- Capturing Network Router Traffic with Wireshark
- Capturing packets using wireshark of an IoT device
- How to capture packets off other machine?
- How can I find the IP address of the machine that created a capture in Wireshark?
- capture router packets using wireshark
- Wireshark filter per ip address "different from" something
- Capture packets coming to router
- Capturing incoming tcp/ip packets
- ip filter for multiple IPs