I am going to continue my old post here in which i am telling you how to apply Filter in the Wireshark.
For Read first part of this thread click on below link...
In First Post i had told you how to make Monitor Mode mon0 , Now i am start sniffing packet but a large amount of packets come here in list so how to found any selected packet , the answer of this question is Filter who help you find your packet from a large collection.
First i am telling you type of Frame. I know first thing which come in your mind is "Hey, What the f**king things is this ?"
I thought everybody know our internet is a wlan (Wide Local Area Network) , you know a wlan communicate on Frame so i thing now you know about this f**king thing.
First i am telling you about types of wlan frame , there are three types of wlan frame :
1. Control Frame : Ensuring proper communication between the access points and wireless users.
2. Management frame: Maintaining Communication between Access points and Wireless users.
3. Data frame: Carry Data between Access Point and Wireless Users .
Now i think you know about Frame Very well , i am going to start practical .
1. If you want to see only captured Management frame then Enter in filter below write code :
wlan.fc.type==0
And Press Apply button ,for example see below pic...
2. If you want to see only captured wlan control frame then type in filter box this expression :
wlan.fc.type==1
And then press Apply button , see below pic...
3. For view the Data Frame type expression which one write below....
wlan.fc.type=2
And again press Apply button , see below pic...
4. If you want see any sub-type with any frame type then write below expression :
(wlan.fc.type=0)&&(wlan.fc.subtype==8)
Change Number according to your selection , see below pic...
5. For alternative frame selection , click on any packet of window and then follow Apply as Filter >>> Selected , look below pic ...
You can also use TCP ,POP , UDP and more as filter.
Now i think you able to apply filter on Wireshark, in my next part i will tell you how to sniffing packets from your network.
Too Simple like old one,waiting for next one.