Post by Perry SmithWhen I "Follow TCP Conversation", I get another window with the text of the conversation which I don't need. I just want to set the filter. One reason is it takes a long time to create the window sometimes. Is there a way to do that?
So you just want to get the "tcp.stream eq X" filter (where you don't
know the value of X), right?
To do that without using the "Follow" UI, just:
1) Open the TCP section in the packet-decode (middle) pane of the packet
you're interested in
2) Find the item that says "[Stream index: X]"
3) Right-click and select "Apply as filter"
(I think the decode item mentioned in (2) may not be present in older
versions of Wireshark; if you don't see it, try upgrading.)
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe