Wireshark-users: Re: [Wireshark-users] Filter Out PPP

From: "Ron Gallimore" <rgallimore@xxxxxxxxxxxxx>
Date: Mon, 15 Jun 2009 09:24:04 -0400

That did worked.  Thank you everybody for the help.

Ron 

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Joerg Mayer
Sent: Monday, June 15, 2009 8:37 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Filter Out PPP

On Mon, Jun 15, 2009 at 07:50:49AM -0400, Ron Gallimore wrote:
> Thanks for the link but I am looking for a capture filter not a 
> display filter.  I will save the PDF link for future reference.  Is it

> even possible to create a capture filter for PPP and GRE?  I am 
> finding conflicting information online.  I do not want to see what is 
> in the GRE and PPP.  I only want to take it out so my capture files 
> are not too big for my troubleshooting.

I'm making some assumptions first: You are capturing on Ethernet. On top
of that there's IP, on top of that there's GRE, on top of that threre's
PPP.

So what you need to do is just filter out all the GRE traffic, that
should get rid of all the PPP traffic as well.

The capture filter to get rid of GRE in this scenario is: 'ip protocol
!= 47'
Directly filtering out PPP with the ppp keyword would only be possible
if the link layer protocol was set to PPP, which wouldn't make much
sense to filter out in that case.

Ciao
    Joerg

-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
________________________________________________________________________
___
Sent via:    Wireshark-users mailing list
<wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
 
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe