ip.addr == 192.168.0.1
ip.addr == 129.111.0.0/16
http.host matches "acme\.(org|com|net)"
http.request.uri == "https://www.wireshark.org/"
udp contains 81:60:03
sip.To contains "a1762"
tcp.port in {80 443 8080}
tcp.port in {443 4430..4434}
tcp.port == 80 || tcp.port == 443 || tcp.port == 8080
http.request.method in {"HEAD" "GET"}
ip.addr in {10.0.0.5 .. 10.0.0.9 192.168.1.1..192.168.1.9}
frame.time_delta in {10 .. 10.5}
|