Quoting Marco Zuppone <msz@xxxxxx>:
Hello,
I have a question about capture filters.
I noticed that the basic capture filter predefined in Wireshark to
do not capture arp and DNS requests is defined in this way:
not arp and port not 53
What is the difference with: not arp and not port 53?
Thanks in advance
Marco - StockTrader
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
I don't quite know about the capture filter whether default or not.
'not arp' means that it will filter out the address resolution
protocol communication and 'not arp' will filter out communication
over port 53, mostly if not absolutely DNS requests.
You can read more about ARP here:
http://www.tildefrugal.net/tech/arp.php
Cheers-
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
