Filters allow you to specify exactly which packets you have available for analysis. Simply stated, a filter is an expression that defines criteria for the inclusion or exclusion of packets. If there are packets you don’t want to see, you can write a filter that gets rid of them. If there are packets you want to see exclusively, you can write a filter that shows only those packets.
Wireshark offers two main types of filters:
Capture filters are specified when packets are being captured and will capture only those packets that are specified for inclusion/exclusion in the given expression.
Display filters are applied to an existing set of captured packets in order to hide unwanted packets or show desired packets based on the specified ...