【wireshark】基础学习

@TOC

查询tcp

tcp

查询tcp握手请求的代码

tcp.flags.ack == 0

确定tcp握手成功的代码

tcp.flags.ack == 1

确定tcp连接请求的代码

tcp.flags.ack == 0 and tcp.flags.syn == 1

3次握手后确定发送成功的查询

tcp.flags.fin == 1

查询某IP对外发送的数据

ip.src_host == 192.168.73.134

查询某IP向某IP发送的数据

ip.src_host == 192.168.73.134 and ip.dst_host == 36.103.205.147

(ip.src_host == 192.168.73.134 and ip.dst_host == 36.103.205.147) or ( ip.src_host == 36.103.205.147 and ip.dst_host == 192.168.73.134)