Configuring Ethernet, ARP, host, and network filters

In this recipe we will discuss how to configure filters of layers 2 and 3, that is, Ethernet- and IP-based filters respectively. We will also discuss Address Resolution Protocol (ARP) filters.

Getting ready

In layer 2 we will configure Ethernet-based filters, while in layer 3 we will configure IP-based filters. In Ethernet we have filters based on the Ethernet frame and the MAC address, while in IP we have filters based on the IP packet and address.

The common frame delta filters are as follows:

  • frame.time_delta: This is used for the time delta between the current and previously captured frames; this will be used in statistical graphs displayed in Chapter 5, Using Advanced Statistics Tools
  • frame.time_delta_displayed ...

Get Wireshark Revealed: Essential Skills for IT Professionals now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.