Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 2804] most capture filters are inoperative when sniffing w

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 15 Apr 2010 15:35:48 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2804

Guy Harris <guy@xxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |guy@xxxxxxxxxxxx

--- Comment #5 from Guy Harris <guy@xxxxxxxxxxxx> 2010-04-15 15:35:48 PDT ---
The decryption happens in Wireshark, at least for monitor mode (if you're not
capturing in monitor or promiscuous mode, the decryption is handled in the card
or driver, and the filtering is done *after* that, so it works).

Implementing capture filters is actually not that hard - libpcap/WinPcap
includes a BPF interpreter, bpf_filter(), and pcap_compile() compiles filters
into BPF.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube