[SOLVED] WireShark: Capture filter for range of ip addresses

OtagoHarbour · 10-31-2013, 02:39 PM

I am using Debian 7.0 and am using WireShark 1.8.2 to capture pakcets to and from my server. Once I check out ipaddresses and decide I do not want to worry about them I filter them out with

Code:

net !(173.194.43.0/24)

to ignore Google packets. However, I would like to do the same for Yahoo! which has an range 206.190.32.0 - 206.190.63.255. I looked here and it doesn't say how to select a range of ip addresses such as the range for Yahoo!

Thanks,
OH.

Habitual · 10-31-2013, 03:06 PM

206.190.32.0/19

and to find that out, I just open terminal and

Code:

whois 206.190.32.0 | grep CIDR

OtagoHarbour · 10-31-2013, 04:28 PM

Quote:

Originally Posted by Habitual

206.190.32.0/19

and to find that out, I just open terminal and

Code:

whois 206.190.32.0 | grep CIDR

Thanks very much for your reply. I tried the following capture filter.

Code:

!(net 173.194.43.0/24 or net 206.190.32.0/24)

and it worked.

Thanks very much!
OH.