WEBVTT 00:00.150 --> 00:06.060 In this lecture, we are going to filter traffic by port numbers. 00:06.210 --> 00:15.990 Port filtering allows us to filter traffic based on the port numbers that you supply to a Wireshark. 00:15.990 --> 00:21.240 We can apply filters on both UDP and TCP ports. 00:21.360 --> 00:23.100 So let's get started. 00:23.100 --> 00:28.770 So I'm going to start with filtering TCP packets on port number four, four, three. 00:28.770 --> 00:34.830 So type TCP port equal to four, four, three, hit enter. 00:34.860 --> 00:44.700 Now Wireshark is only displaying the TCP packets on port number four, four, three and in the same 00:44.700 --> 00:48.510 way you can filter UDP traffic as well. 00:48.510 --> 00:51.640 So let me replace TCP with UDP. 00:51.690 --> 00:59.940 It enter now it is displaying the UDP packets on port number four, four, three. 00:59.940 --> 01:00.480 Right. 01:00.570 --> 01:05.610 Quick protocol also uses UDP as you can see down here quick. 01:05.610 --> 01:08.010 Then we have the UDP. 01:08.010 --> 01:11.820 Now let's combine multiple port numbers. 01:11.820 --> 01:12.540 So right. 01:12.540 --> 01:21.990 Or I'm going to filter TCP IP traffic on port number four for three modern applications. 01:21.990 --> 01:24.840 Use both UDP and TCP. 01:24.840 --> 01:25.080 Right. 01:25.080 --> 01:34.530 So if I hit enter now it is displaying both TCP and UDP packets on the specified port. 01:34.530 --> 01:36.270 Number four, four, three. 01:36.300 --> 01:40.950 Of course, you can use a different port number, let's say eight zero. 01:41.400 --> 01:50.370 Now it is displaying UDP packets on port number four, four three and TCP packets on port number eight 01:50.370 --> 01:51.120 zero. 01:51.120 --> 01:58.440 Now let's check the packets that have been delivered to a specific port. 01:58.440 --> 02:04.080 So type TCP port, DSD port equal to eight zero. 02:04.080 --> 02:13.740 Now this filter is going to display the TCP packets that have been delivered to port number eight zero. 02:13.740 --> 02:23.760 And if you replace DSD with source, it is going to display the packets that originated from port number 02:23.760 --> 02:24.510 eight zero.