[Lab] Wireshark Capture Filters

Read the document TCPDUMP Filters and work out appropriate capture filters to accomplish the following tasks.
  1. Capture all packets to/from the network 2001:dd8:8:701::/64. To verify your filters, browse the websites blog.apnic.net and www.apnic.net, and ping those sites.
    Further reading: IPv4 and IPv6 address formats
  2. Capture all ARP packets observed in your subnet. Then run the "ipconfig" command on Windows (or "ifconfig" on Unix) to find out your own IPv4 address. Ask your neighbor to "ping" that address. Identify the ARP packets initiated by your neighbor. (The source IPv4 address will belong to his/her host.)
  3. Capture the SYN packet that starts a TCP 3-way handshake. Use bbs.ncnu.edu.tw to verify your filter.
    Q: How do you capture all 3 packets of the TCP handshake?
  4. Capture TCP packets with no payload data. That is, the packets contain only the IP and TCP headers. The value of the "Total Length" field in the IP header will thus be 40.
    Hint:
    1. ip[0] means the first byte of the IP header
    2. (ip[0] & 0xF0) >> 4 means the first nibble of the IP header
    3. ip[2:2] means the third and the fourth bytes.

    Remark: You may notice that SYN packets are not captured. Try to double-check the size of a SYN packet.
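
The byte accessors from the hint and the SYN size check from the remark, as an added example that is not part of the original lab handout. The helpers `ip_at` and `tcp_at` are hypothetical names that mimic `ip[off:size]` and `tcp[off:size]`; the addresses, ports and option bytes are constructed sample values.

```python
import struct

def build(flags, options=b"", payload=b""):
    """Build a constructed IPv4+TCP packet (no link-layer header, checksums left 0)."""
    doff = (20 + len(options)) // 4            # TCP header length in 32-bit words
    tcp_hdr = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0,
                          doff << 4, flags, 65535, 0, 0) + options
    total = 20 + len(tcp_hdr) + len(payload)   # value of the IP "Total Length" field
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 6, 0,
                         bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return ip_hdr + tcp_hdr + payload

def ip_at(pkt, off, size=1):
    """Same value as the filter accessor ip[off:size] (network byte order)."""
    return int.from_bytes(pkt[off:off + size], "big")

def tcp_at(pkt, off, size=1):
    """Same value as tcp[off:size]; the TCP header starts IHL*4 bytes in."""
    start = (ip_at(pkt, 0) & 0x0F) * 4
    return int.from_bytes(pkt[start + off:start + off + size], "big")

def describe(pkt):
    ip_hdr_len = (ip_at(pkt, 0) & 0x0F) << 2       # low nibble of ip[0], in bytes
    tcp_hdr_len = (tcp_at(pkt, 12) & 0xF0) >> 2    # high nibble of tcp[12], in bytes
    total = ip_at(pkt, 2, 2)                       # ip[2:2]
    return {
        "version": (ip_at(pkt, 0) & 0xF0) >> 4,    # first nibble, as in hint 2
        "total_length": total,
        "tcp_header": tcp_hdr_len,
        "payload": total - ip_hdr_len - tcp_hdr_len,
        "total_length_is_40": total == 40,
    }

# Constructed samples. The SYN carries typical options:
# MSS, SACK-permitted, timestamps, NOP, window scale (20 bytes in total).
SYN_OPTS = bytes.fromhex("020405b4" "0402" "080a0000000100000000" "01" "030307")
SYN = build(0x02, options=SYN_OPTS)
ACK = build(0x10)
DATA = build(0x18, payload=b"GET / HTTP/1.1\r\n")

if __name__ == "__main__":
    for name, pkt in (("SYN", SYN), ("ACK", ACK), ("DATA", DATA)):
        print(name, describe(pkt))
```

The SYN has no payload, yet its Total Length is 60 because the options enlarge the TCP header; subtracting both header lengths from `ip[2:2]` gives the payload size regardless of options.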