# WireShark filters

Filter	Function
`ip.addr`	Lists packets with IP address of specified value
`ip.dst`	Lists packets with destination IP address of specified value
`ip.src`	Lists packets with source address IP of specified value
`tcp.port`	Lists packets with TCP ports of specified value
udp.port	Lists packets with UDP ports of specified value
`http.request`	Filters all HTTP GET and POST requests
`http.response`	Shows the responses to the HTTP requests, including the response codes
`dns`	Sets a filter to display all packets that contain DNS data
`tcp contains`	Displays all TCP packets that contain a string matching whatever is defined as
`ip.addr == 10.0.0.1`	Show any packet with Specific IP (example 10.0.01)
`tcp.port==22`	how any TCP packet with Specific Port (example port 22)
Class A `ip.addr == 10.0.0.0/8` Class B `ip.addr == 10.10.0.0/16` Class C `ip.addr == 10.10.10.0/24`	Show packets to and from any address in a subnet
`tcp.dstport == 80`	Show all protocol traffic (example HTTP port 80)
`tcp.port == 80 and ip.addr == 10.0.0.1`	Show specific traffic to/from specific IP address (HTTP on example 10.0.0.1 )
`http.request.method == “POST”`	Filter for HTTP POST Requests
`http.request.method == “GET”`	Filter for HTTP GET Requests
`http.response.code == 200`	Show specific response request (example 200)
`frame contains traffic`	Show all packets that contain the word ‘traffic’