[Winpcap-bugs] Problem capturing packets
Gianluca Varenni
gianluca.varenni at cacetech.com
Mon Jul 28 16:08:43 GMT 2008
Problem capturing packetsWhich hub/minihub are you using? what's the traffic speed we are talking about?
Have a nice day
GV
----- Original Message -----
From: Guler Amos
To: Gianluca Varenni ; winpcap-bugs at winpcap.org
Sent: Monday, July 28, 2008 7:25 AM
Subject: RE: [Winpcap-bugs] Problem capturing packets
I disabled the firewall prior to testing, and I tried a different laptop as the sniffer. I too believe it's the hub's fault - have you heard of such problems with hubs before? It's a very simple and cheap mini-hub. Maybe it is not quick enough to transfer all the traffic between all the ports?
------------------------------------------------------------------------------
From: Gianluca Varenni [mailto:gianluca.varenni at cacetech.com]
Sent: Saturday, July 26, 2008 1:25 AM
To: Guler Amos; winpcap-bugs at winpcap.org
Subject: Re: [Winpcap-bugs] Problem capturing packets
This is extremely weird. The only reason I can think of is that the hub is behaving in a strange way. Do you have any personal firewall software installed on the sniffing machine? Have you tried the same experiment with a different machine as a sniffing machine?
Have a nice day
GV
----- Original Message -----
From: Guler Amos
To: Gianluca Varenni ; winpcap-bugs at winpcap.org
Sent: Wednesday, July 23, 2008 4:10 PM
Subject: RE: [Winpcap-bugs] Problem capturing packets
Hello,
I have encountered yet another problem which seems to be related: laptop, terminal A and terminal B are all on the same hub. Laptop runs WinDump (like tcpdump). A and B are having a VoIP conversation. I capture RTP from A to B but no RTP from B to A even though there is such traffic. But I *do* capture RTCP traffic from B to A. What is wrong?! If I can see traffic from B:port_x_plus_1 to A:port_y_plus_1, why can't I see traffic from B:port_x to A:port_y (and I do see the traffic from A:port_y to B:port_x)?
Best regards,
Amos
----------------------------------------------------------------------------
From: Gianluca Varenni [mailto:gianluca.varenni at cacetech.com]
Sent: Monday, July 21, 2008 11:12 PM
To: Guler Amos; winpcap-bugs at winpcap.org
Subject: Re: [Winpcap-bugs] Problem capturing packets
Can you send me a small capture file?
Have a nice day
GV
----- Original Message -----
From: Guler Amos
To: Gianluca Varenni ; winpcap-bugs at winpcap.org
Sent: Monday, July 21, 2008 11:34 AM
Subject: RE: [Winpcap-bugs] Problem capturing packets
As far as I can tell, they are identical.
Thanks,
Amos
--------------------------------------------------------------------------
From: Gianluca Varenni [mailto:gianluca.varenni at cacetech.com]
Sent: Monday, July 21, 2008 7:47 PM
To: Guler Amos; winpcap-bugs at winpcap.org
Subject: Re: [Winpcap-bugs] Problem capturing packets
Are the duplicated packets exactly the same?
Have a nice day
GV
----- Original Message -----
From: Guler Amos
To: winpcap-bugs at winpcap.org
Sent: Monday, July 14, 2008 3:05 AM
Subject: [Winpcap-bugs] Problem capturing packets
Hello,
I am running wireshark 1.0.2 with winpcap 4.0.2 on a windows xp pro sp2 build 2600 station. The network adapter is Intel, E10009 PRO/1000 MT. It is connected to a hub (not switch!) with other two machines, A and B. When I ping from A to B I get a reply, but wireshark shows 8 ICMP requests from A to B instead of 4 requests from A to B and 4 replies from B to A. When I ping from A to the machine running the wireshark, I also get reply, but this time wireshark correctly shows 4 requests and 4 replies. The adapter is configured for promiscuous mode, of course.
Please advise.
Thanks and best regards,
Amos Guler
DSP team leader
CMS / VAS
Comverse
Office: +972 3 6452779
Mobile: +972 52 8542779
Amos.Guler at comverse.com
www.comverse.com
------------------------------------------------------------------------
_______________________________________________
Winpcap-bugs mailing list
Winpcap-bugs at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-bugs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-bugs/attachments/20080728/837ed0b2/attachment-0001.htm
More information about the Winpcap-bugs
mailing list