5d97cee7da
Remove IPX items from the default capture, color, and display filter files. Suggested by Laura Chappell at SharkFest 2018. Change-Id: I5e14caaa69efc638a5da7c795bf8a9e5e890b3fd Reviewed-on: https://code.wireshark.org/review/28489 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
17 lines
686 B
Text
17 lines
686 B
Text
"Ethernet address 00:00:5e:00:53:00" eth.addr == 00:00:5e:00:53:00
|
|
"Ethernet type 0x0806 (ARP)" eth.type == 0x0806
|
|
"Ethernet broadcast" eth.addr == ff:ff:ff:ff:ff:ff
|
|
"No ARP" not arp
|
|
"IPv4 only" ip
|
|
"IPv4 address 192.0.2.1" ip.addr == 192.0.2.1
|
|
"IPv4 address isn't 192.0.2.1 (don't use != for this!)" !(ip.addr == 192.0.2.1)
|
|
"IPv6 only" ipv6
|
|
"IPv6 address 2001:db8::1" ipv6.addr == 2001:db8::1
|
|
"TCP only" tcp
|
|
"UDP only" udp
|
|
"Non-DNS" !(udp.port == 53 || tcp.port == 53)
|
|
"TCP or UDP port is 80 (HTTP)" tcp.port == 80 || udp.port == 80
|
|
"HTTP" http
|
|
"No ARP and no DNS" not arp and !(udp.port == 53)
|
|
"Non-HTTP and non-SMTP to/from 192.0.2.1" ip.addr == 192.0.2.1 and not tcp.port in {80 25}
|