Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Wireshark: View only Host Sent

Posted on 2012-03-26
4
Medium Priority
?
496 Views
Last Modified: 2012-06-27
I'm using wireshark for some projects.

How do I filter to view only packets SENT by my host computer?
0
Comment
Question by:Pancake_Effect
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 29

Expert Comment

by:Jan Springer
ID: 37768575
tshark host 1.2.3.4 port XX

  for transactions originating from IP 1.2.3.4 port XX

or

tshark -V host 1.2.3.4 port XX
 
   for detail of the same
0
 
LVL 17

Accepted Solution

by:
jburgaard earned 2000 total points
ID: 37768817
You have more options.
Asume you are on 192.168.1.4 with MAC-addr=00:1a:4b:f9:fe:d3
If you already have the captue, you can view trafic with source  filter like:
eth.src==00:1a:4b:f9:fe:d3   at ethernet level or at IP-level filter like:
ip.src==192.168.1.4

At capture time you can also from within Wireshark under Capture-options-'capture filter' use:
ether host 00:1a:4b:f9:fe:d3    or
host  192.168.1.4

HTH
0
 
LVL 4

Author Comment

by:Pancake_Effect
ID: 37769191
When I use something like host  192.168.1.4, it shows the receiving packets too.

I have a Ip address for example: 192.168.0.5

How do I make it ONLY show packets it's sending out. I want to see all traffic (not just certain ports or protocols)
0
 
LVL 4

Author Closing Comment

by:Pancake_Effect
ID: 37769304
Never mind, I looked at your answer closer and found the one that I needed!

It was the ip.src==192.168.1.4

Thanks so much!
0

Featured Post

Enroll in October's Free Course of the Month

Do you work with and analyze data? Enroll in October's Course of the Month for 7+ hours of SQL training, allowing you to quickly and efficiently store or retrieve data. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question