?
Solved

Wireshark: View only Host Sent

Posted on 2012-03-26
4
Medium Priority
?
494 Views
Last Modified: 2012-06-27
I'm using wireshark for some projects.

How do I filter to view only packets SENT by my host computer?
0
Comment
Question by:Pancake_Effect
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 29

Expert Comment

by:Jan Springer
ID: 37768575
tshark host 1.2.3.4 port XX

  for transactions originating from IP 1.2.3.4 port XX

or

tshark -V host 1.2.3.4 port XX
 
   for detail of the same
0
 
LVL 17

Accepted Solution

by:
jburgaard earned 2000 total points
ID: 37768817
You have more options.
Asume you are on 192.168.1.4 with MAC-addr=00:1a:4b:f9:fe:d3
If you already have the captue, you can view trafic with source  filter like:
eth.src==00:1a:4b:f9:fe:d3   at ethernet level or at IP-level filter like:
ip.src==192.168.1.4

At capture time you can also from within Wireshark under Capture-options-'capture filter' use:
ether host 00:1a:4b:f9:fe:d3    or
host  192.168.1.4

HTH
0
 
LVL 4

Author Comment

by:Pancake_Effect
ID: 37769191
When I use something like host  192.168.1.4, it shows the receiving packets too.

I have a Ip address for example: 192.168.0.5

How do I make it ONLY show packets it's sending out. I want to see all traffic (not just certain ports or protocols)
0
 
LVL 4

Author Closing Comment

by:Pancake_Effect
ID: 37769304
Never mind, I looked at your answer closer and found the one that I needed!

It was the ip.src==192.168.1.4

Thanks so much!
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question