THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

default capture filters

Hello:

I have a question regarding default capture filters. If i goto capture>capture filters. i see bunch of filerers. Are those effective by default capture filters?

thanks

quest4answer's avatar
11
quest4answer
asked 2021-06-05 15:55:29 +0000, updated 2021-06-05 15:56:14 +0000
edit flag offensive 0 remove flag close merge delete

Comments

The history/commits of the cfilters file.

Ethereal-dev - New: global default files for cfilters/colorfilters/dfilters

The idea behind this is: after installation of a new Ethereal, the
dialogs for "Color Filters", "Display Filters" and "Coloring Rules" are
just left blank. There's no real starting point for own experiments, and
"learning by doing" can be very difficult here.

Can you expand on what you were looking for.

Chuckc's avatar Chuckc (2021-06-05 19:28:22 +0000) edit
more
  • delete

my point was there is a list of capture fitler by default. are they effective by default?

quest4answer's avatar quest4answer (2021-06-06 22:51:28 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

Hello, the capture filter you see in capture -> capture filters can be used as predefined filters. (See screenshot)

The default filter which is used is empty.

Hope I got your question right.

image description

Christian_R's avatar
2.1k
Christian_R
answered 2021-06-06 15:54:07 +0000, updated 2021-06-06 15:55:29 +0000
edit flag offensive 0 remove flag delete link
more

Comments

what do you mean by predefined? for example if i only want to capture only http traffic.. is "tcp port http" effective?

quest4answer's avatar quest4answer (2021-06-06 22:57:09 +0000) edit
more
  • delete

Either you put int the field "Enter a capture filter: tcp port http or

you can press the green flag and select the filter HTTP TCP port (80) from the list which appears there. As it can be seen on the screenshot. And then the capture filter tcp port http will be used.

The main idea of capture -> capture filters is related to ethereal, where the capture procedure worked a little bit different in the beginning as far as I can remember and there the capture filter dialog had have more relevant.

But is of course it is still fantastic that it is there and you can save your favorite and maybe complicated capture filters.

Christian_R's avatar Christian_R (2021-06-07 20:15:14 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer