How do you add a protocol-specific color rule for a particular host?

Coloring rules in Wireshark work by attaching a color to packets that match a filter expression. To highlight a specific host, you create a rule whose condition identifies packets involving that host. Using ip.addr matches either source or destination IP, so ip.addr == 10.0.0.5 captures all traffic to or from that host. Then assign a color to that rule. This makes those packets stand out in the capture, regardless of protocol, which is useful for quickly spotting all activity from that host. If you wanted to focus on a particular protocol for that host, you could refine the rule to include a protocol condition, such as http and ip.addr == 10.0.0.5, but the method remains the same: create a coloring rule with a matching expression and assign a color. The other options would color broader traffic or not target the host specifically, so they don’t provide the targeted highlighting.