Wireshark · Ethereal-users: Re: [ethereal-users] capture filters for windows port

Ethereal-users: Re: [ethereal-users] capture filters for windows port

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>

Date: Fri, 5 May 2000 17:31:32 -0700 (PDT)

> But, since you're using the Windows port, you may not have access
> to the tcpdump manpage.

It might come with WinDump, although you don't need WinDump to run
Ethereal, just WinPcap.

However, the Politecnico di Torino site has the WinPcap man page on line
at

	http://netgroup-serv.polito.it/windump/docs/manual.htm

> BTW,the filter you need is "tcp port 80"

Well, he also wants "host <whatever the host was>", as per my mail.

However, even though it wasn't in my mail, the "tcp" you put in your
filter should, in fact, be in the filter, so the right filter is

	host <whatever the host was> and tcp port 80

rather than

	host <whatever the host was> and port 80

that was in my mail; that one will also capture UDP traffic to or from
UDP port 80.  (80 is assigned to HTTP for UDP, according to

	http://www.isi.edu/in-notes/iana/assignments/port-numbers

but HTTP doesn't run atop UDP, as far as I know, so this is presumably a
"we'll grab this just in case we need it" rather than "UDP port 80 is
for HTTP".)

References:
- Re: [ethereal-users] capture filters for windows port
  - From: Gilbert Ramirez

Prev by Date: Re: [ethereal-users] Re: RHAT 6.2 & UCD SNMP 4.1.1
Next by Date: Re: [ethereal-users] capture filters for windows port
Previous by thread: Re: [ethereal-users] capture filters for windows port
Next by thread: [no subject]
Index(es):
- Date
- Thread