Hello,
I've been using WIreshark for some time in a very limited manner, to
check the content & headers of web sites I develop. Lately I've
encountered a need to filter for ipv6 addresses. According to
http://www.wireshark.org/docs/man-pages/wireshark.html, Wireshark
supports ipv6 addresses. I'm having trouble finding docs that seem
authoratative on the syntax of the capture or display filters but for
a capture filter I read that simply "ip6" should work. On my
installation I get this error:
That string isn't a valid capture filter (ip6 not supported).
See the User's Guide for a description of the capture filter syntax.
For a display filter, I get a happy green background on "ipv6 eq
fe80::216:cbff:fe96:b18a", however clicking Apply produces no packets,
even though I am absolutely confident that the packets exist (i.e. I
can see the value fe80::216:cbff:fe96:b18a in the source column).
I did some reinstallation recently and noticed, in the configure options, this:
--enable-ipv6 use ipv6 name resolution, if available.
[default=yes]
I couldn't find any further explanation of "if available" although I
suspect that in my system it's not available. Can anyone shed any
light?
thanks for any suggestions,
Rachel
-----
Wireshark Version 1.1.0
Compiled with GTK+ 2.12.9, with GLib 2.16.5, with libpcap 0.9.8, with libz
1.2.3, without POSIX capabilities, without libpcre, without SMI, without c-ares,
without ADNS, without Lua, without GnuTLS, without Gcrypt, with MIT Kerberos,
without PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.
Running on Darwin 8.11.1 (MacOS 10.4.11), with libpcap version 0.9.8.
Built using gcc 4.0.1 (Apple Computer, Inc. build 5363).
