Example 2
Goal
Monitoring the outgoing and incoming traffic of my computer and
traffic monitoring to host 192.168.2.2.
Solution
It is required to create two filters. The first filter will count
the traffic from my computer to host 192.168.2.2. The second filter
will count all traffic of my computer except the traffic to host
192.168.2.2.
| Filter 1. Traffic from my computer to host 192.168.2.2. | ||||||||
| N Rule |
Type of IP protocol |
Source address |
Source port |
Destination address |
Destination port |
Both directions |
Action for packet |
Additional condition |
| 1 | Any | My computer | 192.168.2.2 | Yes | Count and pass | |||
| Filter 2. All traffic of my computer except host 192.168.2.2. | ||||||||
| N Rule |
Type of IP protocol |
Source address |
Source port |
Destination address |
Destination port |
Both directions |
Action for packet |
Additional condition |
| 1 | Any | My computer | Any | Yes | Count | |||
This filterset can be explained as follows. Captured packets, matching the first filter will be counted and will not be processed by the second filter because the single rule of the first filter has the action "Count and Pass". Therefore, all captured packets, except for the ones matching the first filter, will be processed by the second filter.