Filter Expressions for Wireshark When Using NetScaler Appliance

Article ID: CTX138202

Description

This article describes how to use Wireshark filter expressions to analyze a network packet trace recorded on a NetScaler appliance.

Filter Expressions for Wireshark

The NetScaler appliance inserts its own header, called NetScaler Packet Trace, into each captured frame. This header contains NetScaler-specific information that you can use to filter packets on Protocol Control Block (PCB) numbers, linked PCB numbers, and the Network Interface Card (NIC) on which the packet was captured.

The following screenshot shows the NetScaler Packet Trace header in Wireshark:

[Screenshot: NetScaler Packet Trace header in Wireshark]

The following expressions are most commonly used from the NetScaler Packet Trace header:

  • nstrace.nicno – Nic No

  • nstrace.dir – Operation

  • nstrace.pdevno – PcbDevNo

  • nstrace.l_pdevno – Linked PcbDevNo

  • nstrace.vlan – Vlan

You can use any of the following expressions to filter the NetScaler Packet Trace header information:

  • To correlate client-side and service-side connections, create a filter that matches the same PCB number in both the nstrace.pdevno and nstrace.l_pdevno expressions:

    (nstrace.pdevno == 0x000b4cba) || (nstrace.l_pdevno == 0x000b4cba)

  • To get the equivalent of “follow tcp stream” by using the PCB devno, use the following example filter:

    nstrace.pdevno == 0x000b4cba

  • To filter a capture on a particular NIC number and Operation (RX, TXB), use the following example filter:

    (nstrace.nicno == 8) && (nstrace.dir == 0xe2)
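
The PCB correlation filter above can be generated for every connection in a trace. The following is an added example, not part of the original article or Citrix code: it groups PCBs that reference each other through nstrace.l_pdevno and builds one display filter per group. The tab-separated input layout, and the treatment of a zero linked PCB as "no link", are assumptions; the sample rows are constructed.

```python
"""Group NetScaler PCBs linked via nstrace.l_pdevno and build a filter per group."""
from collections import defaultdict

# Constructed sample: frame number, nstrace.pdevno, nstrace.l_pdevno (tab-separated).
# Assumption: layout of an exported field list; a linked PCB of 0 means "not linked yet".
SAMPLE = (
    "1\t0x000b4cba\t0x00000000\n"
    "2\t0x000b4cba\t0x000b4d01\n"
    "3\t0x000b4d01\t0x000b4cba\n"
    "4\t0x000c1000\t0x00000000\n"
    "5\t0x000b4d01\t0x000b4cba\n"
)

def parse_rows(text):
    """Return (frame, pcb, linked_pcb) tuples; skip lines without a PCB value."""
    rows = []
    for line in text.splitlines():
        parts = line.split("\t")
        if len(parts) != 3 or not parts[1]:
            continue  # malformed line or frame without a NetScaler Packet Trace header
        rows.append((int(parts[0]), int(parts[1], 0), int(parts[2] or "0", 0)))
    return rows

def group_linked_pcbs(rows):
    """Union PCBs that point at each other, then collect frames per group."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x
    for _, pcb, linked in rows:
        find(pcb)
        if linked:
            parent[find(linked)] = find(pcb)
    groups = defaultdict(lambda: {"pcbs": set(), "frames": []})
    for frame, pcb, linked in rows:
        group = groups[find(pcb)]
        group["pcbs"].update(p for p in (pcb, linked) if p)
        group["frames"].append(frame)
    return sorted(groups.values(), key=lambda g: g["frames"][0])

def display_filter(pcbs):
    """Build the article's pdevno/l_pdevno filter for every PCB in a group."""
    hexes = [f"0x{p:08x}" for p in sorted(pcbs)]
    return " || ".join(f"(nstrace.pdevno == {h}) || (nstrace.l_pdevno == {h})" for h in hexes)

if __name__ == "__main__":
    for g in group_linked_pcbs(parse_rows(SAMPLE)):
        print(g["frames"], display_filter(g["pcbs"]))
```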

Security Permissions Required by Wireshark

During installation, select the option Start WinPcap service “NPF” at startup to allow users without Administrator privileges to run captures.

Additional Resources 

Refer to the Wireshark web site for more information on how to use all the features of this tool.

Important: This web site might contain links to web sites controlled by parties other than Citrix. Citrix is not responsible for and does not endorse or accept any responsibility for the contents or use of these third-party web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked web site. It is your responsibility to take precautions to ensure that whatever you select for your use is free of viruses or other items of a destructive nature.
