- I Ip Addr 192 168 1 195 No A Time Source Destination Protocol Length Info 915 51 156492 192 168 171 243 192 168 1 1 (140.32 KiB) Viewed 39 times
- I Ip Addr 192 168 1 195 No A Time Source Destination Protocol Length Info 915 51 156492 192 168 171 243 192 168 1 2 (159.99 KiB) Viewed 39 times
them. You may use any combination of regular expressions, wireshark
or tshark .
Network information:
Helpful hints:
+ I ip.addr == 192.168.1.195 No. A Time Source Destination Protocol Length Info 915 51.156492 192.168.171.243 192.168.1.195 UDP 76 53 - 54831 Len=34[Packet size Limited during capture] 928 52.460455 192.168.1.195 192.168.171.243 UDP 91 65187 - 53 Len=49[Packet size limited during capture] 936 53.186640 192.168.171.243 192.168.1.195 UDP 76 53 - 57834 Len=34 (Packet size limited during capture] 940 53.335842 192.168.1.195 192.168.171.243 UDP 86 51511 - 53 Len=44 [Packet size Limited during capture] 957 55.074473 192.168.1.195 115.2.227.7 TCP 66 50134 + 443 (SYN] Seq=8 Win=65535 Len=B MSS=1460 WS=256 SACK_PERM=1 958 55.981352 192.168.1.195 208.3.245.84 TCP 66 50135 + 443 [SYN] Seq=8 Win=65535 Len=8 MSS=1460 WS=256 SACK_PERM=1 959 55.082172 192.168.1.195 87.42.191.186 TCP 66 50136 + 443 [SYN] Seq=8 Win=65535 Len=B MSS=1460 WS=256 SACK_PERM=1 960 55.096422 115.2.227.7 192.168.1.195 TCP 66 443 + 50134 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=8 MSS=1357 WS=256 SACK_PERM=1 961 55.999931 192.168.1.195 115.2.227.7 TCP 60 50134 - 443 [ACK) Seq=1 Ack=1 Win=262144 Len=0 962 55.107419 192.168.1.195 115.2.227.7 TCP 268 50134 + 443 [PSH, ACK] Seq=1 Ack=1 Win=262144 Len=286 963 55. 113100 208.3.245.84 192.168.1.195 TCF 66 443 + 50135 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=8 MSS=1357 WS=256 SACK_PERM=1 964 55. 113207 87.42.191.106 192.168.1.195 TCP 66 443 + 50136 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=8 MSS=1357 WS=256 SACK_PERM=1 965 55.118327 192.168.1. 195 97.47.92.21 TCP 66 50137 + 443 [SYN] Seq=0 Win=65535 Len=8 MSS=1460 WS=256 SACK_PERM=1 966 55.124779 192.168.1.195 208.3.245.84 TCP 60 50135 - 443 [ACK] Seq=1 Ack=1 Win=262144 Len=0 Fermer Acknowledgnent number (raw): 1000 .... = Header Length: 32 bytes (8) > Flags: @x002 (SYN) Window: 65535 (Calculated window size: 655351 Checksum: Bx53aa [unverified] [Checksun Status: Unverified] Urgent Pointer: 0 Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted > TCP Option - Maximum segment size: 1460 bytes > TCP Option - No-Operation (NOP) > TCP Option - Window scale: 8 (multiply by 256) > TCP Option - No-Operation (NOP) > TCP Option - No-Operation (NOP) 8000 60 61 c9 55 65 e9 90 bi 1c 1b b3 2f 88 00 45 80 ..........E 8010 00 34 c6 c5 40 00 80 86 15 89 CB aB 01 c3 73 82 8 1b 4. @ 9020 e397 c3 d6 01 bb 9c ff a 5f 00 00 00 00 80 92 3030 ff ff 53 aa 00 00 02 04 65 b4 01 03 03 98 81 01 . S 8040 64 82 07 Frame (framel, 66 bytes Packets: 22826 Displayed: 1833 18,0%) FIVE Vorault
+ UUT 0 I ip.addr == 192.168.1.195 No. Time Source Destination Protocol Length Info 100 43.30-40 192.100.1.193 192.100.1/1.245 113 01913 + 3) Lei=i[ralel size Lilleu uul Lily Laplures 791 43.989435 192.168.1.195 192.168.171.243 UDP 76 54831 + 53 Len=34 [Packet size limited during capture] 792 44.958429 192.168.171.243 192.168.1.195 UDP 75 53 - 53606 Len=33 (Packet size Limited during capture] 798 44.061057 192.168.1.195 192.168.171.243 UDP 113 61915 - 53 Len=71[Packet size limited during capturel 809 44.425424 192.168.1.195 224.6.0.22 IPv4 69 810 44.437620 192.168.1.195 224.2.0.22 IPv4 68 811 44.437841 192.168.1.195 224.0.0.22 IPv4 60 812 44.438635 192.168.1.195 224.0.0.22 IPV4 60 813 44.438612 192.168.1.195 224.0.0.251 UDP 81 5353 - 5353 Len=39 [Packet size limited during capturel 814 44.439106 192.168.1.195 224.0.0.251 UDP 91 5353 - 5353 Len=49 [Packet size limited during capture] 815 44.439622 192.168.1.195 224.0.0.252 UDP 75 57452 +5355 Len=33(Packet size limited during capture] 816 44.497604 192.168.1.195 224.8.0.22 IPv4 60 817 44.584355 192.168.1.195 224.8.8.22 IPv4 50 818 44.507974 192.168.1.195 224.0.0.251 UDP 81 5353 - 5353 Len=39 [Packet size limited during capturel Frame 809: 68 bytes on wire (480 bits), 38 bytes captured (304 bits) on interface unknown, id Ethernet II, Src: Dell_1b:b3:2f (98:b1:1c:16:53:2f), Dst: IPv4mcast_c1:41:87 (01:00:5e:c1:41:17) Destination: IPv4tcast_c1:41:17 (01:00:5e:c1:41:17) Address: IPv4ncast_c1:41:f7 (01:00:5e:c1:41:17) ....................... = LG bit: Globally unique address (factory default) ....................... = IG bit: Group address (multicast/broadcast) Source: Dell_1b:b3:2f (98:b1:1c:1b:b3:2f) Address: Dell 16:53:21 (99:b1:1c:16:03:28) ...................... = LG bit: Globally unique address (factory default) ) ....................... = IG bit: Individual address (unicast) = ( Type: IPv4 (@x800) Internet Protocol Version 4, Sre: 192.168.1.195, Dst: 224.0.0.22 , , 0100 .... = Version: 4 .... 0118 = Header Length: 24 bytes (6) > AYAM Differentiated Services Field: Axa Inscp: rsa. FON: Not-FCT) 8080 01 80 5e c1 41 f7 90 bi lc 10 b3 2f 08 06 46 60 8010 8 18 41 31 89 90 91 82 8e 1c co ab el c3 e0 80 -A1 9020 90 16 94 04 b3 10 07 2019-treffio-analysis_anon.pcapng Packets: 22826 Displayed: 1833 18,0%) Profile: Default
+ כנשם UUT TCP X OT I ip.addr == 192.168.1.179 No. A Time Source Destination Protocol Length Info 23 251 20. Tous 192.100.1.119 192.100.171.245 OL 30302 + 3 LUBU PLEL bize Lilleu uuilly Laplures 357 21.243144 192.168.1.179 224.0.0.251 UDP 469 5353 - 5353 Len=427 [Packet size limited during capture] 378 21.393635 192.168.1.179 224.0.0.251 UDP 465 5353 - 5353 Len=423 [Packet size Limited during capture] 384 21.682712 192.168.1.179 172. 19.138.238 UDP 118 137 - 137 Len=68 [Packet size limited during capturel 408 22.611390 192.168.1.179 107.236.128.171 TCP 78 50214 + 443 [SYN, ECN, CWR] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=951343577 TSecr= SACK_PERM 401 22.630011 107.236.128. 171 192.168.1.179 TCP 74 443 + 50214 [SYN, ACK] Seq=2 Ack=1 Win=66192 Len=8 MSS=1357 SACK_PERM=1 TSval=2794779616 TSecr=951 402 22.632609 192.168.1.179 107.236. 128. 171 TCP 66 50214 + 443 [ACK] Seq=1 Ack=1 Win=131776 Len=2 TSval=951343598 TSecr=2794779616 403 22.633022 192.168.1.179 107.236. 128. 171 TCP 583 50214 - 443 (PSH, ACK] Seq=1 Ack=1 Win=131776 Len=517 TSval=951343598 TSecr=2794779616 404 22.651527 107.236.128.171 192.168.1.179 TCP 66 443 - 50214 [ACK] Seq=1 Ack=518 Win=61440 Len=@ Tsval=2794779638 TSecr=951343598 405 22.659488 107.236.128.171 192.168.1.179 TCP 1411 443 + 50214 [ACK] Seq=1 Ack=518 Win=61440 Len=1345 TSval=2794779644 TSecr=951343598 406 22.659590 107.236.128.171 192.168.1.179 TCP 1411 443 - 50214 [ACK] Seq=1346 Ack=518 Win=61440 Len=1345 TSval=2794779644 TSecr=951343598 407 22.659797 107.236.128.171 192.168.1.179 TCP 1292 443 - 50214 [PSH, ACK] Seq=2691 Ack=518 Win=61440 Len=1226 TSval=2794779644 TSecr=951343598 408 22.662257 192.168.1.179 107.236. 128. 171 66 50214 - 443 [ACK) Seq=518 Ack=2691 Win=129888 Len=0 TSval=951343627 TSecr=2794779644 409 22.662531 192.168.1.179 107.236.128.171 TCP 66 50214 - 443 [ACK] Seq=518 Ack=3917 Win=127872 Len=0 Tsval=951343627 TSecr=2794779644 > Frame 480: 78 bytes on wire (624 bits), 78 bytes captured (624 bits) on interface unknown, id @ Ethernet II, Src: Apple_e8:18:a6 (a8:bb.cf:e8:10:a6), Dst: Cisco_55:65:e9 (00:01:09:55:05:09) Destination: Cisco_55:05:e9 (00:01:09:55:05:09) Address: Cisco_55:05:e9 (00:01:09:55:65:e9) ....................... = LG bit: Globally unique address (factory default) : ....................... = IG bit: Individual address (unicast) = Source: Apple_e8:10:a6 (a8:bb:cf:e8:10:a6) Address: Apple_e8:16:a6 (a8:bb:cf:e8:10:26) ...................... = LG bit: Globally unique address (factory default) ................... = IG bit: Individual address (unicast) Type: IPv4 (@x800) Internet Protocol Version 4, Src: 192.168.1.179, Dst: 107.236.128.171 Transmission Control Protocol, Src Port: 50214, Dst Port: 443, Seq: ®, Len: 0 Source Port: 50214 Destination Part:443 0000 00 01 09 55 05 09 a8 bb cf c8 10 a6 08 00 45 60 30 ..........E E 2010 0940 40 40 86 8b c5 coaB 01 b3 6b ec 81 .@..@......... 0020 80 ab c4 26 01 bb id 34 59 92 00 e0 bo c2 91 00 00 b ...&.4 Y..... 8030 ff ff b8 13 00 00 02 04 65 b4 01 03 03 96 81 01 8040 68 Ba 38 64 59 d9 00 80 80 00 00 04 62 BO 08 ...Y....... 07 Frame (framel, 78 bytes Packets: 22826. Displayed: 5806 (25.4%) Profile: Default
+ כנשם UUT TCP X OT I ip.addr == 192.168.1.179 No. A Time Source Destination Protocol Length Info 23 251 20. Tous 192.100.1.119 192.100.171.245 OL 30302 + 3 LUBU PLEL bize Lilleu uuilly Laplures 357 21.243144 192.168.1.179 224.0.0.251 UDP 469 5353 - 5353 Len=427 [Packet size limited during capture] 378 21.393635 192.168.1.179 224.0.0.251 UDP 465 5353 - 5353 Len=423 [Packet size Limited during capture] 384 21.682712 192.168.1.179 172. 19.138.238 UDP 118 137 - 137 Len=68 [Packet size limited during capturel 408 22.611390 192.168.1.179 107.236.128.171 TCP 78 50214 + 443 [SYN, ECN, CWR] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=951343577 TSecr= SACK_PERM 401 22.630011 107.236.128. 171 192.168.1.179 TCP 74 443 + 50214 [SYN, ACK] Seq=2 Ack=1 Win=66192 Len=8 MSS=1357 SACK_PERM=1 TSval=2794779616 TSecr=951 402 22.632609 192.168.1.179 107.236. 128. 171 TCP 66 50214 + 443 [ACK] Seq=1 Ack=1 Win=131776 Len=2 TSval=951343598 TSecr=2794779616 403 22.633022 192.168.1.179 107.236. 128. 171 TCP 583 50214 - 443 (PSH, ACK) Seq=1 Ack=1 Win=131776 Len=517 TSval=951343598 TSecr=2794779616 404 22.651527 107.236.128.171 192.168.1.179 TCP 66 443 - 50214 [ACK] Seq=1 Ack=518 Win=61440 Len=@ Tsval=2794779638 TSecr=951343598 405 22.659488 107.236.128.171 192.168.1.179 TCP 1411 443 + 50214 [ACK] Seq=1 Ack=518 Win=61440 Len=1345 TSval=2794779644 TSecr=951343598 406 22.659590 107.236.128.171 192.168.1.179 TCP 1411 443 - 50214 [ACK] Seq=1346 Ack=518 Win=61440 Len=1345 TSval=2794779644 TSecr=951343598 407 22.659797 107.236.128.171 192.168.1.179 TCP 1292 443 - 50214 [PSH, ACK] Seq=2691 Ack=518 Win=61440 Len=1226 TSval=2794779644 TSecr=951343598 408 22.662257 192.168.1.179 107.236.128.171 66 50214 - 443 [ACK) Seq=518 Ack=2691 Win=129888 Len=0 TSval=951343627 TSecr=2794779644 409 22.662531 192.168.1.179 107.236.128.171 TCP 66 50214 - 443 [ACK] Seq=518 Ack=3917 Win=127872 Len=0 Tsval=951343627 TSecr=2794779644 > Frame 488: 78 bytes on wire (624 bits), 78 bytes captured (624 bits) on interface unknown, id Ethernet II, Src: Apple_e8:18: a6 a8:bb:cf:e8:10:a6), Dst: Cisco_55:65:e9 (00:01:09:55:05:09) Internet Protocol Version 4, Src: 192.168.1.179, Dst: 107.236.128.171 Transmission Control Protocol, Src Port: 50214, Dst Port: 443, Seg: 6, Len: 0 Source Port: 50214 Destination Port: 443 [Stream index: 20) (Conversation completeness: Complete, WITH_DATA (31)] (TCP Segment Len: 0] Sequence Number: 8 (relative sequence number) Sequence Number (raw): 489978066 [Next Sequence Number: 1 (relative sequence number)] Acknowledgment Number: 0 Acknowledgment number (raw): 1911 .... = Hearler length: 44 hytes (11) B080 00 01 09 55 85 e9 a8 bb cf c8 10 a6 88 90 45 00 00 E 8010 0 40 00 00 40 00 40 86 8b c5 co aB 01 b3 6b ec @ @ @ k 2020 80 ab c4 26 01 bb id 34 59 92 00 00 00 00 bo c2 91 .....4 Y..... Y 3030 ff ff b8 13 00 00 02 04 65 b4 01 03 03 06 81 01 804008 Ba 38 64 59 d9 90 30 00 00 04 02 B0 00 -8. Y 07 Frame (framel, 78 bytes Packets: 22826. Displayed: 5806 (25.4%) Profile: Default