Does anyone know how to clear the filter drop down (combo) contents in Wireshark? Are the contents stored in a file somewhere?
For the life of me, I can't figure this out. And, the Wireshark help file only tells me "The entries in the pull down list will remain available even after a program restart."
Sigh...
Answered my own question.
The filter history is stored in c:\documents and settings\foo\Application Data\Wireshark\recent, where "foo" is your windows user name.
I don't use Wireshark in Linux, so I don't know where this file lives there. I would imagine in your home directory.
In that file, there's a section labeled "######## Recent display filters (latest last), cannot be altered through command line ########". Each recent.display_filter line is an entry in the filter drop down. Just remove the filters you don't want in the drop down, or remove them all to clear the filter history entirely.