IP Filtering in Wireshark

Last Updated : 06 Mar, 2023
Wireshark is a network packet analyzer or tracer. A network packet analyzer displays captured packet data in as much detail as possible. It is a popular open-source network protocol analyzer used by ethical hackers to analyze network traffic and identify vulnerabilities or potential security breaches.

In this article, we will see how to filter by IP address in Wireshark, along with an overview of the Wireshark tool in terms of network security.

What is IP Filtering? 

IP filtering is a simple mechanism that selects IP datagrams on your system by their addresses, such as the source IP address a packet comes from and the destination IP address it goes to.

IP filtering allows you to control what IP traffic is allowed to enter and leave your network. Basically, it secures your network by filtering packets based on the rules you define.
It is important to understand that IP filtering is a network layer feature.

Example – Datagram: SYN/ACK, data, ICMP Echo Request, etc. Protocol: TCP, UDP, ICMP, etc.

Implementation 

Suppose an IP address appears in the packet capture window and the user wants to extract the traffic for that particular address, seeing where it sends information and where it receives information from. An IP filter lets the user isolate that address as a source, as a destination, or as both.

Filter by IP in Wireshark 

Step 1: First, open Wireshark on Windows or Linux. The filter is entered in the field marked by the arrow in the image, labelled "Apply a display filter".

 

Step 2: Now start capturing packets by selecting the network interface you want to capture on. Select the Wi-Fi network interface; once the capture starts, you will see the traffic on that interface.

 

Step 3: Now enter an IP display filter in Wireshark. Suppose traffic from many source IPs is arriving at your system and you want to show only one particular source.

Source IP Address – Display filter for the source IP address.

ip.src == x.x.x.x (source ip address)

After typing the filter into the display filter field, press Enter. Only packets whose source IP matches the address you entered are shown, as in the image.

 

As you can see in the image above, the Source column contains only the IP address given in the filter.

Step 4: Now filter on the destination IP address.

Destination IP Address – Display filter for the destination IP address.

ip.dst == x.x.x.x (destination ip address)

 

Step 5: Suppose the user wants to display a single IP address wherever it appears, whether as the source or as the destination.

ip.addr == x.x.x.x (ip address)

 

As you can see in the image, every displayed packet has the filtered IP address as either its source or its destination.

Step 6: While filtering by IP, users often want to know which protocols, ports and services an IP address is connecting to. The display can be narrowed further to the required protocol, port or service.

Transmission Control Protocol (TCP)

Step 7: In this step we set an IP address capture filter in Wireshark. Go to Capture -> Options and enter the host IP address in the capture filter field for the selected interface, as you can see in the image.

 

After you set the IP address capture filter for the selected interface, Wireshark starts capturing traffic for that host IP only.
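
The display filters from Steps 3 to 6, reproduced as an added example that is not part of the original article and is not Wireshark's own code: it reads the source, destination and protocol fields from raw IPv4 headers and shows which packets ip.src, ip.dst and ip.addr each select. The frames, the documentation addresses and the function names are constructed for illustration.

```python
import socket
import struct

TCP, UDP = 6, 17  # IANA protocol numbers carried in the IPv4 header

def ipv4_frame(src, dst, proto=TCP):
    """Constructed Ethernet II frame holding a bare 20-byte IPv4 header."""
    eth = b"\x00" * 12 + b"\x08\x00"  # two zeroed MACs, EtherType 0x0800 (IPv4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip

def parse(frame):
    """Return (src, dst, proto) for an IPv4 frame, or None for anything else."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ip = frame[14:34]
    return socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20]), ip[9]

def matches(frame, field, value, proto=None):
    """Mimic ip.src == value, ip.dst == value, ip.addr == value (&& tcp/udp)."""
    parsed = parse(frame)
    if parsed is None:
        return False  # non-IP frames have no ip.* fields, so they never match
    src, dst, frame_proto = parsed
    if proto is not None and frame_proto != proto:
        return False
    if field == "ip.src":
        return src == value
    if field == "ip.dst":
        return dst == value
    if field == "ip.addr":
        return value in (src, dst)  # either direction
    raise ValueError(f"unsupported field: {field}")

def apply_filter(frames, field, value, proto=None):
    """1-based numbers of the packets the filter would leave on screen."""
    return [n for n, f in enumerate(frames, 1) if matches(f, field, value, proto)]

# Constructed capture using documentation addresses (RFC 5737)
CAPTURE = [
    ipv4_frame("192.0.2.10", "198.51.100.5"),             # 1: host -> server, TCP
    ipv4_frame("198.51.100.5", "192.0.2.10"),             # 2: server -> host, TCP
    ipv4_frame("203.0.113.7", "192.0.2.10", proto=UDP),   # 3: other -> host, UDP
    b"\xff" * 12 + b"\x08\x06" + b"\x00" * 28,            # 4: ARP, not IPv4
]

if __name__ == "__main__":
    for field in ("ip.src", "ip.dst", "ip.addr"):
        print(field, apply_filter(CAPTURE, field, "192.0.2.10"))
```

Only ip.addr returns both directions of the conversation, which is why it is the filter to use when following everything a single host sends and receives.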


