

Before you can really grasp Wireshark you need to know how to get around Wireshark. Let’s check out the sexy anatomy of this extremely useful protocol analyzer.

Now I’ll be the first to say that this looks like 100% chaos. What the heck is going on here? So let’s break down each section – step by step.

The Main Menu

Across the top of the screen, we have the Main Menu.

- Capture (starting, stopping and filtering the output)
- Telephony (analyzing and playing back captured VoIP calls)

Here’s the main tool bar in all its glory. This contains a collection of the most frequently accessed items found in the menu bar.

First we have the capture controls. From left to right we have:

- Stop capture (Ctrl + E); it toggles it.

And next you have quick tools for moving through the packets:

- Find packet (This displays the first match in the PDU list pane but doesn’t change the entire view like a Display Filter).
- Go back in Packet History (If you selected PDU 1, 5, and 20 you could revisit each one in reverse by clicking this).
- Toggle autoscrolling of live packets as they are captured in real time. This is a crucial option: when you start your capture you’ll see a zillion colors whirl down the screen. Quickly clicking this stops the scrolling and lets you take command of the window.

The next section with the magnifying glasses applies to zooming.

- Edit Capture Filter (Capture Filters stop certain data from ever entering the file. Display filters capture all data but let you adjust what shows up in the PDU list pane. Since you rarely want to stop certain stuff from ever entering the file I wouldn’t use this. Display filters get the job done just as easily. I guess if you’re worried about file sizes you might use the Edit Capture Filter but I never use it.)

And finally, the little life raft icon is there for…

But who needs the help file when you have me!
