Wireshark · Ethereal-users: RE: [ethereal-users] help please.

Ethereal-users: RE: [ethereal-users] help please.

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "R.K. SUBRAMANIAN" <subramanian.rk@xxxxxxxxxxxxxxxx>

Date: Thu, 27 Apr 2000 10:16:03 +0530 (IST)

thanx john.. 

i did exactly the same as u said. Guy Harris had also explalined me the
procedure earlier. I am able to do filtering now.. thanx to u both.. 

the problem i m facing now is.. i run ethereal once.. and if i resume it
without exiting.. i get a core dump. how do i evade this ?

subramanian

On Wed, 26 Apr 2000, John Wheatley wrote:

> You may be having the same confusion I had in using the Ethereal Filter setup window- It is not what I would call intuitive.
> 1. Bring up the Ethereal Filters window
> 2. Enter a Name- overwrite whatever is there if necessary- Ex Port20K Only
> 3. Enter the filter string- Ex tcp.port==20000
> 4. Now press New button
> 5. Press Save ? Not sure but just in case.
> Now you have a filter named Port20K Only
> The trick is to fill in the blanks and then hit New- opposite of what I expected.
> JohnW
> 
> -----Original Message-----
> From:	R.K. SUBRAMANIAN [SMTP:subramanian.rk@xxxxxxxxxxxxxxxx]
> Sent:	Tuesday, April 25, 2000 9:53 PM
> To:	Guy Harris
> Cc:	ethereal-users@xxxxxxxx
> Subject:	Re: [ethereal-users] help please.
> 
> thanx Guy, thanx John for the prompt response.
> 
> Guy, What I mean to say is -- I m not able to use the Filter Preferences
> in the pop-down menu of ethereal GUI. I am not able to create a new filter
> from that option. However, I am able to use filters using the pane below
> the hex dump pane. 
> 
> 
> regards,
> Subramanian
> 
> On Tue, 25 Apr 2000, Guy Harris wrote:
> 
> > > i downloaded ethereal for Red Hat Linux 6.1. I followed the instructions
> > > to install it and ethereal ran well. However, I am not able to configure
> > > filters.
> > 
> > What do you mean by "I am not able to configure filters"?
> > 
> > Do you mean that when you try to specify a capture filter it reports an
> > error?
> > 
> > If so, note that the man page does *not* describe the syntax of capture
> > filters, it just says that
> > 
> > 	     Packet capturing is performed with the pcap library.  The
> > 	     capture filter syntax follows the rules of the pcap library.
> > 	     This syntax is different from the display filter syntax.
> > 
> > and later says:
> > 
> > 	CAPTURE FILTER SYNTAX
> > 	     See manual page of tcpdump(8).
> > 
>

Follow-Ups:
- Re: [ethereal-users] help please.
  - From: Guy Harris

References:
- RE: [ethereal-users] help please.
  - From: John Wheatley

Prev by Date: Re: [ethereal-users] help please.
Next by Date: Re: [ethereal-users] PPTP
Previous by thread: RE: [ethereal-users] help please.
Next by thread: Re: [ethereal-users] help please.
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$