Answer the question
In order to leave comments, you need to log in
How and where to filter packages by id?
The purpose of this action is to catch loops, so that you don’t have to sit and monitor traffic yourself.
Wishlist: filtering packets with the same identifier.
I didn’t find such a filter in wireshark, but I might be looking badly, there are filters for one specific transaction id, of course, but you need to manually see how many such packets are, and how many with a different id and make a filter from each and .. well, you understand .
I know that you can write parsers with pcapy pypcap in python, and it seems like it’s not difficult at all, but I didn’t find manuals that were understandable to me (the coder from me is so-so), but because I found it, I was only disappointed, because I came to the conclusion that you can only use protocols to filter and then their list is small. I would like to believe that this is a wrong conclusion.
Answer the question
In order to leave comments, you need to log in
Which loops do you want to stop, l2 or l3? If you operate on "package" means l3, so I'm telling you that l3-exists ttl to protect against loops. And the Identification field is unique (strictly speaking) for each packet (except for those that did not crawl into the mtu). In short, in layman's terms, you're trying to combine salty with white.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question