Wireshark: filtering techniques for captured network data

Disclaimer: This is an original article by the blogger and may not be reproduced without the blogger's permission. https://blog.csdn.net/qiuchangyong/article/details/89419359

Wireshark is a very useful tool for capturing network packets and analyzing protocols. How well you use a tool determines how productive you are with it. Here is one of the most common scenarios: you want to analyze the network traffic between two hosts and filter out the irrelevant data. Without filtering, there are so many extraneous frames that it is hard to locate the piece of data you want to analyze. The easiest way is to filter by IP address. For example, if you only want to see the packets between this machine and the host 123.125.114.144, you can use the following rule:

ip.src==123.125.114.144 || ip.dst==123.125.114.144

Here ip.src and ip.dst match the downlink and uplink data, respectively.

The protocol types tcp and http can also be used as filters. In practice, the http filter sometimes fails to recognize packets and misses them; when that happens, fall back to filtering on tcp.

Filtering with tcp.port and udp.port is also very useful.

== and != are two mutually exclusive filter conditions.

Although there are many filtering rules, learning the basic ones is probably enough for everyday use.
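
The filters above, modelled in Python as an added example (not code from the original post): it parses constructed IPv4 packets and applies the same tests as ip.src==... || ip.dst==... and tcp.port / udp.port. The local address 192.168.1.10, the host 198.51.100.7, all port numbers and the function names are assumptions made for the illustration.

```python
import socket
import struct

HOST = "123.125.114.144"   # remote host from the article's filter
LOCAL = "192.168.1.10"     # constructed address standing in for "this machine"
OTHER = "198.51.100.7"     # constructed unrelated host
TCP, UDP = 6, 17           # IP protocol numbers

def build_packet(src, dst, proto, sport, dport):
    """Constructed sample: 20-byte IPv4 header plus the two port fields."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + struct.pack("!HH", sport, dport)

def parse(pkt):
    """Extract the fields that ip.src, ip.dst, tcp.port and udp.port test."""
    ihl = (pkt[0] & 0x0F) * 4                      # header length in bytes
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return {"src": socket.inet_ntoa(pkt[12:16]),
            "dst": socket.inet_ntoa(pkt[16:20]),
            "proto": pkt[9], "sport": sport, "dport": dport}

def classify(packets, host):
    """ip.src==host || ip.dst==host, labelled by direction as in the text."""
    out = []
    for i, pkt in enumerate(packets):
        f = parse(pkt)
        if f["src"] == host:
            out.append((i, "downlink"))            # ip.src matched
        elif f["dst"] == host:
            out.append((i, "uplink"))              # ip.dst matched
    return out

def port_matches(packets, proto, port):
    """tcp.port / udp.port: true if either the source or destination port matches."""
    return [i for i, pkt in enumerate(packets)
            if (f := parse(pkt))["proto"] == proto
            and port in (f["sport"], f["dport"])]

# Constructed traffic: two packets of the conversation with HOST, two unrelated ones.
PACKETS = [
    build_packet(HOST, LOCAL, TCP, 80, 50000),
    build_packet(LOCAL, HOST, TCP, 50000, 80),
    build_packet(LOCAL, OTHER, UDP, 50001, 53),
    build_packet(OTHER, LOCAL, TCP, 443, 50002),
]

if __name__ == "__main__":
    print(classify(PACKETS, HOST))
    print(port_matches(PACKETS, TCP, 80))
```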

 
