On Sat, Nov 24, 2007 at 01:17:56AM -0600, michael butler wrote:
> How do I get rid/stop capture of the constant 20+ packets a second sent from
> router to pc/pc to router? With one capture session I have hundreds of these
> packets.
You can exclude the mac-address of the router while making a capture
by using the filter "not ether host <mac-address-of-router>"
If you want to do this on a trace file that you already have captured
you can do the same with the display-filter "eth.addr == mac-address-of-router>"
Of course that will filter out *all* traffic to and from your router
so if you want to see other traffic to/from the router apart from the
20-odd packets/s, you will have to look at the 20-odd packets/s to
see if there is anything you can filter on. If you want help with doing
that, you could post a small capture with this traffic to this list.
Hope this helps, Cheers
Sake
