There are *two* filter languages used throughout Ethereal. The *capture
filters* are used by the underlying packet capture library (libpcap or
WinPCAP), and define efficient filters for packet capturing. The *display
filters* are generated when a packet dissector is written for a given
protocol in Ethereal. They only exist in Ethereal.
There is no way of specifying a *capture filter* for WBXML. However, once
you captured the traffic which may convey WBXML (e.g., HTTP or WSP traffic),
you can use the "wbxml" *display filter* to display the relevant packets.
A capture filter only works up to TCP or UDP in IP networks. Reason for this
is efficiency of the packet capture filter. If you know the ports of the
HTTP (typically port 80) and WSP (typically ports 9200--9203) traffic you
want to monitor, you can construct a capture filter based on those.
Regards,
Olivier
-----Original Message-----
From: lineone
Hi,
Can someone please point me in the right direction for capturing wbxml over
http. I have the following in the capture filter "ip proto wbxml" and I get
the "invalid capture filter".
I looked in the tcpdump manpage and there is no reference to wbxml, yet
ethereal says it is a supported protocol so how do I set it?
Thanks for any help you can supply.
arb.
