Hi, Be aware there's a difference between display and capture filters. Capture filters are fed to the capture engine which can make low level decisions (like ethernet address, tcp ports at most). Display filters come into play when real dissections takes place. So, getting to something advanced as SNMP enterprise number needs dissection, hence is not available as capture filter. For further reading, see http://wiki.wireshark.org/CaptureFilters
Thanx, Jaap Akers, Robert wrote: > I'm trying to start Wireshark from the command line filtering on the > snmp enterprise. No matter what I've tried results in results in an > invalid capture filter. Anyone know what the correct syntax would be > for -f in this case? > > _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
