Hands-On Project 5-2: Build a Filter for Your Own Traffic

Objective: Use a custom capture filter in Wireshark to observe only traffic involving a local host.

Description: In this project, you build a custom filter for your own traffic.

  1. Open a command prompt window. (Use the Start menu search box or the Search box on the taskbar. Type cmd and then press Enter.)
  2. Start Wireshark.
  3. In Wireshark, click Capture and then click Capture Filters. The Capture Filter window appears.
  4. Click the plus sign (+) button to create a new filter. A new filter entry appears. In the filter string portion (which displays “ip host host.example.com”), enter the IP address of your computer. Double-click the filter name portion of the entry (which displays “New capture filter”) and enter My IP. In the example shown in Figure 5-32, the IP address is 192.168.1.162. When finished, click OK.
  5. Click Capture and then click Options. In the box at the top of the Capture Options dialog box, select the active network interface and then click Start to begin capturing packets.
  6. Switch to the command prompt and ping a host on the local network.
  7. Switch back to Wireshark and notice that only traffic sent to your computer’s IP address, such as Echo Reply messages, appears in Wireshark.
  8. Click Capture, and then click Stop to stop capturing packets, or click the Stop button on the main toolbar.
  9. Close Wireshark and click Continue without Saving. The filter will be available the next time you use Wireshark.
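
The following added example (not part of the original project) models in Python how a capture filter of the form `ip host 192.168.1.162` selects frames during the ping in step 6, next to the `src host` and `dst host` direction qualifiers. It assumes the filter string keeps the `ip host` keyword; the peer address, the third host and all frames are constructed sample data.

```python
import ipaddress
import struct

MY_IP = "192.168.1.162"    # address from the project's example
PEER_IP = "192.168.1.1"    # constructed: the pinged local host
OTHER_IP = "192.168.1.50"  # constructed: an unrelated host

def build_frame(src, dst, icmp_type):
    """Constructed Ethernet + IPv4 + ICMP frame (MACs and checksums zeroed)."""
    icmp = struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return b"\x00" * 12 + struct.pack("!H", 0x0800) + ip + icmp

def parse_ipv4(frame):
    """Return (src, dst, icmp_type), or None when the frame is not IPv4."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl = (frame[14] & 0x0F) * 4
    src = str(ipaddress.IPv4Address(frame[26:30]))
    dst = str(ipaddress.IPv4Address(frame[30:34]))
    is_icmp = frame[23] == 1 and len(frame) > 14 + ihl
    return src, dst, frame[14 + ihl] if is_icmp else None

def matches(frame, direction, addr):
    """direction: 'host' (either way), 'src' or 'dst', all limited to IPv4."""
    parsed = parse_ipv4(frame)
    if parsed is None:
        return False  # e.g. ARP: 'ip host' only matches IPv4 frames
    src, dst, _ = parsed
    return {"src": src == addr, "dst": dst == addr,
            "host": addr in (src, dst)}[direction]

def captured(frames, direction, addr):
    """ICMP types of the frames the filter would keep, in capture order."""
    return [parse_ipv4(f)[2] for f in frames if matches(f, direction, addr)]

ARP_FRAME = b"\xff" * 6 + b"\x00" * 6 + b"\x08\x06" + b"\x00" * 28
FRAMES = [
    build_frame(MY_IP, PEER_IP, 8),     # Echo Request sent by this host
    build_frame(PEER_IP, MY_IP, 0),     # Echo Reply sent to this host
    build_frame(OTHER_IP, PEER_IP, 8),  # ping between two other hosts
    ARP_FRAME,                          # non-IPv4 frame
]

if __name__ == "__main__":
    for direction in ("host", "src", "dst"):
        print(direction, captured(FRAMES, direction, MY_IP))
```

ICMP type 8 is Echo Request and type 0 is Echo Reply, so the printed lists show which half of the ping each form of the filter keeps.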