Sniffing, Tools, Wireshark

Wireshark capture filters examples

Capture only traffic to or from IP address

host xxx.xxx.xxx.xxx

Capture traffic to or from a range of IP addresses

net xxx.xxx.0.0/24

Capture traffic to or from a range of IP addresses

net xxx.xxx.0.0/24

Capture traffic from a range of IP addresses

src net 192.168.0.0/24

Capture traffic to a range of IP addresses

dst net 192.168.0.0/24

Capture single port traffic

port xx

Capture all traffic, exclude specific packets

host www.myhostname.com and not (port xx or port yy)

Capture traffic within a range of ports

tcp portrange 1800-1880

Capture only IP traffic

ip

For more info please visit Wireshark CaptureFilters page.