FREE Trial

Hello Wireshark experts! I need some help with filtering syntax My goal is to find packets that

Fantastic news! We've Found the answer you've been seeking!

Question:

Hello Wireshark experts! I need some help with filtering syntax My goal is to find packets that i captured earlier by ID of the packet from var/log/messages i pulled 2 instances of my rules working and i am trying to find it in my wireshark, but cant figure out where to look for that ID

Aug 15 22:12:53 kernel: DROPPED-IN=eth0 OUT=eth0 MAC= SRC= DST= LEN= TOS= PREC= TTL=127

ID=54055

DF PROTO=TCP SPT= DPT=22 WINDOW= RES= SYN URGP=0

Aug 15 22:02:55 kernel: DROPPED-IN=eth0 OUT=eth0 MAC= SRC= DST= LEN=52 TOS= PREC= TTL=127

ID=50878

DF PROTO=TCP SPT=21 DPT=50736 WINDOW= RES=0x00 ACK SYN URGP=0

So my question is= i have a pcap file which was capturing during this log How to filter by the ID provided above... Or if this isnt possible where to find this piece of info inside wireshark

Expert Answer:


answer-question-section
Posted Date:
See More Questions
Digital Pharma Marketing Playbook Winning With The New Rules Of Engegement 1st Edition - ISBN: B07N11GT75 - Free Book