Filters are also used by other features such as statistics generation and
packet list colorization (the latter is only available to B<Wireshark>). This
manual page describes their syntax. A comprehensive reference of filter fields
can be found within Wireshark and in the display filter reference at
@@ -64,7 +64,7 @@ characters, expressed as a string (quoted or unquoted), or bytes,
expressed as a byte array. For example, to search for a given HTTP
URL in a capture, the following filter can be used:
- http contains "http://www.wireshark.org"
http contains "https://www.wireshark.org"
The "contains" operator cannot be used on atomic fields,
such as numbers or IP addresses.
can find references and examples at the following locations:
=item *
-The online Display Filter Reference: L<http://www.wireshark.org/docs/dfref/>
The online Display Filter Reference: L<https://www.wireshark.org/docs/dfref/>
=item *
The Wireshark wiki: L<http://wiki.wireshark.org/DisplayFilters>
The B<wireshark-filters> manpage is part of the B<Wireshark> distribution.
The latest version of B<Wireshark> can be found at
Regular expressions in the "matches" operator are provided by GRegex in GLib.
See L<http://developer.gnome.org/glib/2.32/glib-regex-syntax.html/> or L<http://www.pcre.org/> for more information.