Filters configuration
By default, all the traffic will be monitored by the application, but you may be interested in setting some constraints to limit the inspection to a particular kind of traffic.
For this reason, you can optionally apply filters on the data analysed and displayed by Sniffnet: this is done in the top right section of the application initial page.
You can selectively configure different types of filter:
In the following, we'll go through each of them.
This filter allows users to choose whether to accept or discard traffic based on the carried IP version (IPv4 or IPv6).
By default, both versions are set to be subject of analysis.
To make a change, you have to press the button relative to the IP version you want to toggle.
Remember that for this filter to be valid, at least one of the IP versions must be selected; otherwise you won't be able to start monitoring traffic.
This filter allows accepting or discarding traffic based on the carried protocol (available options are TCP, UDP and ICMP).
Note
Protocols different from TCP, UDP, and ICMP are currently unsupported by Sniffnet and won't be monitored in any case.
ICMP includes both ICMPv4 and ICMPv6.
By default, all the three protocols are set to be subject of analysis.
To make a change, you have to press the button relative to the protocol you want to toggle.
Remember that for this filter to be valid, at least one of the available protocols must be selected; otherwise you won't be able to start monitoring traffic.
This filter enables to accept only the Internet traffic whose source or destination IP address is equal to the value specified.
The filter is changed by typing a new value in the text input box, which can accept a single IPv4/IPv6 address or a list of comma-separated values.
What makes this filter even more powerful is that each of the values in the list can be not only a specific address but also a range.
A range is defined as its lower and upper bounds separated by a dash character (-).
For example, the following picture reports a filter accepting only network packets that have source or destination address in the range 192.168.1.x or equal to 8.8.8.8.
The value you input is validated in real-time, so that you immediately know whether the specified filter is valid or not.
In case of invalid filter definitions, the border of the text input will become red, and you won't be able to start monitoring traffic.
By default, all the IPv4 and all the IPv6 addresses are set to be subject of analysis.
This filter enables to accept only the Internet traffic whose source or destination transport port is equal to the value specified.
The filter is changed by typing a new value in the text input box, which can accept a single port number or a list of comma-separated values.
Similarly to the address filter, also the port filter is highly customisable and supports ranges of values as explained above.
For example, the following picture reports a filter accepting only network packets that have source or destination port in the range 0-1024 or equal to 19220 or 62078.
The value you input is real-time validated, and by default, all the ports are set to be subject of analysis.