Solved

Wireshark: View only Host Sent

Posted on 2012-03-26
4
478 Views
Last Modified: 2012-06-27
I'm using wireshark for some projects.

How do I filter to view only packets SENT by my host computer?
0
Comment
Question by:Pancake_Effect
  • 2
4 Comments
 
LVL 28

Expert Comment

by:Jan Springer
ID: 37768575
tshark host 1.2.3.4 port XX

  for transactions originating from IP 1.2.3.4 port XX

or

tshark -V host 1.2.3.4 port XX
 
   for detail of the same
0
 
LVL 17

Accepted Solution

by:
jburgaard earned 500 total points
ID: 37768817
You have more options.
Asume you are on 192.168.1.4 with MAC-addr=00:1a:4b:f9:fe:d3
If you already have the captue, you can view trafic with source  filter like:
eth.src==00:1a:4b:f9:fe:d3   at ethernet level or at IP-level filter like:
ip.src==192.168.1.4

At capture time you can also from within Wireshark under Capture-options-'capture filter' use:
ether host 00:1a:4b:f9:fe:d3    or
host  192.168.1.4

HTH
0
 
LVL 4

Author Comment

by:Pancake_Effect
ID: 37769191
When I use something like host  192.168.1.4, it shows the receiving packets too.

I have a Ip address for example: 192.168.0.5

How do I make it ONLY show packets it's sending out. I want to see all traffic (not just certain ports or protocols)
0
 
LVL 4

Author Closing Comment

by:Pancake_Effect
ID: 37769304
Never mind, I looked at your answer closer and found the one that I needed!

It was the ip.src==192.168.1.4

Thanks so much!
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question