Filter Menu

The dfilter_buttons file defines the filters that appear in the Filter Menu component. When enabled via the enableFilterMenu prop, this provides users with one-click access to predefined display filters.

Configuration File Location

The file can be placed either globally or within individual profile directories:

Default location: /usr/cloudshark/share/wireshark/dfilter_buttons (pre-installed in the Docker container)
Profile location: <profile-directory>/wireshark/dfilter_buttons

When a profile is active and contains a dfilter_buttons file, the profile’s version will be used. Otherwise, the default file is used. You can customize the default location using the --default-filter-menu configuration option.

File Format

The dfilter_buttons file uses CSV format with the following structure:

"TRUE","IPv4//Unicast","ip.dst != 224.0.0.0/4 && ip.dst != 255.255.255.255","IPv4 Unicast"
"TRUE","IPv4//Multicast","ip.dst == 224.0.0.0/4","IPv4 Multicast"
"TRUE","IPv4//Broadcast","ip.dst == 255.255.255.255","IPv4 Broadcast"
"TRUE","IPv4//DHCP","dhcp","DHCP"
"TRUE","IPv6//Global","!ipv6.dst == ff00::/8 && ipv6.dst == 2000::/3","IPv6 Global"
"TRUE","IPv6//Multicast","ipv6.dst == ff00::/8","IPv6 Multicast"
"TRUE","IPv6//Link-Local","ipv6.dst == fe80::/64","IPv6 Link-Local"

Product

Search Results

Filter Menu

Configuration File Location

File Format