How to intercept the packet capture message when the capture file is large
2023-03-27 23:43:59
Published
- 0 Followed
- 0Collected ,689Browsed
Network Topology
null
Problem Description
In the packet capture fault location, often encounter a large amount of traffic, when the packet capture file will be very large, or even more than 10Gb.
Process Analysis
If the captured file is in pcap format, then you can use the filter and export feature of the open source Wireshark software to slim down the captured file.
Solution
For example:
You can filter like me ip.addr == 10.121.27.200
Then mark all display , it will be dark.
Then export specified packets
