字符串匹配:
data.data matches "fafasf"
tcp.data matches "fafasf"
地址過濾:
ip.addr == 192.168.5.1 and !ssdp and !dns
ip.addr == 192.168.2.11 and tcp.port == 3306 and !ssl
tcp.port == 80 and ip.dst == 192.168.5.5 and ip.src == 192.168.2.100
tcp.dstport == 80 or tcp.srcport == 80
http.request.method=="GET"
http.request.method=="POST"
ip.class="lazy" src="//p2.ttnews.xyz/loading.gif" data-original==192.168.5.5 and http
udp.port == 53
dns or ssdp
閱讀更多 barbarian 的文章