While analyzing packets, you may see an item or value you would like to copy. Wireshark makes this easy to accomplish as the Copy menu choice has many submenus to further define copy options. In addition, we'll see how we can locate a specific packet or a string value within the capture.

Copy allows you to copy various items to the clipboard. For example, in frame 5, expand the IP header and select the source IP address. Go to Edit | Copy and then expand the selections, as shown here:

The Copy submenu has the following options to select from: 

• Value: This will copy the 168.1.140 IPv4 address.
• As Filter: This will create a filter based on the IPv4 address you selected or any other value. You can then paste the filter in the display filter area, press Enter, and Wireshark will run the filter.

Within the Edit menu choice, there are a few groupings of selections. We'll start with the first grouping, which offers ways to find packets:

• Find Packet: This is where you can search for specific packets and even find string values within a packet capture.
• Find Next: If Wireshark finds what you are looking for, Find Next will go to the next instance.
• Find Previous: If Wireshark finds what you are looking for, Find Previous will go back to the previous packet.