Problem with Ethereal capture filter rule
What I am looking to do is ignore all ARP traffic from a host, but still capture the normal TCP/IP traffic. I do however want to capture ARP traffic from other hosts on the LAN.
I have looked at rules like this:
host 192.168.1.101 and not arp
Which give me all of the non-ARP traffic from that host, but also filters out traffic from the rest of the LAN.
Gives me traffic from the entire LAN, but not ARP from the other hosts.
Anyone know how to create a rule to do what I need, and if it is even possible with the filter syntax?