Filters are like conditionals that programmers/developers use while writing code. If we only wanted to see the ARP packets in the TelnetCapture.pcap
file, we will apply a condition in the Filter toolbar for ARP and if the current file contains ARP packets, they will be displayed else no packets will be seen at all.
The current stable version, 1.12.6, of Wireshark includes a total 13 default capture filters and 15 default display filters. To look at the list of available capture filters, we can go to the Menu bar, click on Capture | Capture Filters..., and to look at the available display filters, click on the Filter button on the Filter toolbar. We can use these as is, or we can use them as templates and customize them to add/create new ones to suit our needs.
Wireshark provides the following two types of filtering options:
Capture filters
Display filters