While working with packets, you might find and mark packets that are interesting, so you can return to them at a later date. In addition, you may want to ignore specific packets.

This next grouping of selections offers ways to mark packets:

• Mark/Unmark Packet: This allows you to mark a specified packet or packets, which turns the packet(s) black for easy visual reference.
• Mark All Displayed: This will mark all displayed packets, meaning if you used a display, filter Wireshark will only mark the packets that are displayed.
• Unmark All Displayed: If all displayed packets are already marked then this will unmark all displayed packets.
• Next Mark: When packets are marked, this option allows you to move to the next marked packet.
• Previous Mark: When packets are marked, this option allows you to navigate back to the previous marked packet.

In addition to marking packets to identify items of interest, you may want to ignore specific packets. The following shows how you can select specific packets to ignore while doing your analysis:

• Ignore/Unignore Packet: This allows you to select a packet and, once selected, it will be as if the packet never existed, and it won't show up in statistics or a flow graph; it's simply ignored. Once you select ignore, the packet line will have a reference reading <Ignored>, as shown here:

• Ignore All Displayed: This will ignore all displayed packets, meaning if you used a display filter, Wireshark will ignore only the displayed packets.
• Unignore All Displayed: If the displayed packets are ignored, when selected, Wireshark will unignore all displayed packets.

While some packets may be ignored as they hold no value in the analysis, you may want to use some method to determine delays, as we'll see next.