Other Window Components

Previous page
Table of content
Next page

  < Day Day Up > 


Filter Bar

The Filter Bar (Figure 4.6) allows you to enter a filter string restricting which packets are displayed in the Summary Window. Only packets that match the display filter string will be displayed in the Summary Window. A display filter string is a string defining some conditions on a packet that may or may not match a packet. For example, the display filter string (ip.addr == 10.15.162.1 && bgp) would match all packets with an IP address (source or destination) of 10.15.162.1 that are BGP protocol packets. Filtering will be explored in much greater depth in Chapter 5, but we will examine the basic functions of the Filter Bar briefly here.

click to expand
Figure 4.6: Filter Bar

You can see in Figure 4.6 that we have applied a bgp filter. To apply a filter, enter the desired string into the Filter: text field and press Enter (or click the Apply button). Please note that your filter string will not be applied until you hit Enter or click the Apply button. In addition, note that filter strings are case-sensitive and the filter string BGP (uppercase) will not work. Traditionally, filter string labels like bgp are entirely in lowercase.

Once the display filter string bgp is applied, you will note that only BGP packets are displayed in the Summary Window. You should also note that the No. column displays jumps between the frame numbers of the displayed packets. This is because there are packets in the capture that are not being displayed, but are rather being suppressed by the bgp filter string. Previously used filters can be easily recalled, as shown in Figure 4.7.

click to expand
Figure 4.7: Filter Bar Drop-down List

By clicking the drop-down arrow at the right end of the Filter field, you can access a list of previously applied filters. To use one of these filters, select it from the list and press Enter or click the Apply button.

To remove the currently displayed filter string and re-display all packets, click the Reset button.

If you click the Filter: button itself, the Display Filter dialog box will be displayed. This feature is described in the section entitled “Analyze”.

Information Field

The Information field displays the name of the capture file or information about the protocol field selected in the Protocol Tree Window.


  < Day Day Up > 


Previous page
Table of content
Next page
Ethereal Packet Sniffing
Ethereal Packet Sniffing (Syngress)
ISBN: 1932266828
EAN: 2147483647
Year: 2004
Pages: 105
Authors: Syngress
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
The .NET Developers Guide to Directory Services Programming
Image Processing with LabVIEW and IMAQ Vision
Competency-Based Human Resource Management
Twisted Network Programming Essentials
Special Edition Using FileMaker 8
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy