I started searching and found that not many quick guides exist to do this in the capture filter. Because the overall number of NTP packets is quite large, I didn't want to spool all NTP packets to disk then later filter with a Wireshark display filter - I wanted to filter at the capture stage. ![]() ![]() ![]() I recently wanted to look at some packet captures on my NTP pool servers and find out if any NTP clients hitting my servers use extension fields or legacy MACs.
0 Comments
Leave a Reply. |