Wireshark mailing list archives
Re: filter packets
From: Guy Harris <guy () alum mit edu>
Date: Wed, 15 May 2013 15:54:37 -0700
On May 15, 2013, at 3:19 PM, Ahmed Elshaer <a.n.elshaer () gmail com> wrote:
can i filter packets that contains a specific text string , i just want to capture the packets that contain that string not any other string,
Unfortunately, the filtering that can be done with BPF (which is what tcpdump and Wireshark use for capture filtering) is limited in what it can do (by design - it's done by running an interpreted or JIT-compiled program in the kernel, and, to prevent infinite loops being run in the kernel, loops are not allowed, and there is no "search for a string" instruction). ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- filter packets Ahmed Elshaer (May 15)
- Re: filter packets Guy Harris (May 15)