Wireshark-users: Re: [Wireshark-users] how to filter a port?
From: Guy Harris <[email protected]>
Date: Mon, 26 Feb 2007 02:37:18 -0800
David Drexler wrote:
It's either to or from 'http'.  I also tried

tcp.port != 80

same results. I want to run the capture realtime and only see the traffic that interests me.
Then you'll need to find out what ports the traffic is going to or 
coming from - capture filters only work at that level.
The Wireshark HTTP dissector checks for traffic to or from the following 
ports:
	80, 1900, 3128, 3132, 8080, 8088, 11371

If you filter all of them out, with, for example:

	not port 80 and not port 1900 and not port 3128 and ...

that should exclude traffic that Wireshark classifies as HTTP.