Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] Filtering on file extensions

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Brian J Pohlman <BPohlman@xxxxxxx>
Date: Tue, 24 Jan 2012 14:52:53 -0600
Yes, it is SMB

And that looks to have done it, it is getting me what I need. Thanks very much.

Regards
Brian



From:        Martin Visser <martinvisser99@xxxxxxxxx>
To:        Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>,
Date:        01/24/2012 02:48 PM
Subject:        Re: [Wireshark-users] Filtering on file extensions
Sent by:        wireshark-users-bounces@xxxxxxxxxxxxx



You haven't said what protocol you are using for your file server, but if it is SMB (aka CIFS or WIndows file sharing), than a display filter like "smb.file contains .mp3" will show up appropriate requests and responses.

Regards, Martin

MartinVisser99@xxxxxxxxx
On 25 January 2012 06:22, Brian J Pohlman <BPohlman@xxxxxxx> wrote:
Is it possible to filter on specific file extensions within Wireshark using wild cards?

I'm capturing traffic on a file server looking for extensions such as .mp3, .mp4, etc. I can filter on specific file names but haven't found a way using wildcards (if supported)

I would like to filter on file extensions such as *.mp3

Thanks for any insight provided.

Brian
This e-mail and any attached files may contain CB&I (or its affiliates) confidential and privileged information. This information is protected by law and/or agreements between CB&I (or its affiliates) and either you, your employer or any contract provider with which you or your employer are associated. If you are not an intended recipient, please contact the sender by reply e-mail and delete all copies of this e-mail; further, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.

 

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

This e-mail and any attached files may contain CB&I (or its affiliates) confidential and privileged information. This information is protected by law and/or agreements between CB&I (or its affiliates) and either you, your employer or any contract provider with which you or your employer are associated. If you are not an intended recipient, please contact the sender by reply e-mail and delete all copies of this e-mail; further, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.

 

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube