[Winpcap-users] Traffic from VMWare application with WinPcap

Okraszewski, Marcin Marcin.Okraszewski at pl.compuware.com
Fri Aug 22 08:26:44 GMT 2008 

If you are using VMWare Server there is a commandline tool to make captures on VMWare virtual networks. In Linux it is vmnet-sniffer. You may try this.

Marcin


The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it. 

 
Compuware sp. z o.o. (registration number KRS 595) is a company registered in Poland whose registered office is at Ul. Dmowskiego 12,80-264 Gdansk Rejestr handlowy KRS 0000000595 Sadu Rejonowego Gdansk-Polnoc w Gdansku VII Wydzial Gospodarczy Kapital zakladowy 1.140.000 zl oplacony gotówka; NIP: 584-20-88-050; REGON: 191352920 
 

From: winpcap-users-bounces at winpcap.org [mailto:winpcap-users-bounces at winpcap.org] On Behalf Of Gianluca Varenni
Sent: Thursday, August 21, 2008 8:48 PM
To: winpcap-users at winpcap.org
Subject: Re: [Winpcap-users] Traffic from VMWare application with WinPcap

I think VmWare uses an NDIS Intermediate (IM) driver sitting below the 
WinPcap driver. In this case you won't see the guest packets as they are 
managed by the IM driver sitting below WinPcap. But you can probably capture 
the VM traffic on the virtual network interfaces created by VMware itself.

I don't know if it's possible with WinPcap to sniff the VM traffic. It's 
definitely feasible, but I guess you would need another NDIS intermediate 
driver sitting below the VMware one.

Have a nice day
GV

----- Original Message ----- 
From: mlimade-vm03 at yahoo.com.br
To: winpcap-users at winpcap.org
Sent: Tuesday, August 19, 2008 4:57 PM
Subject: [Winpcap-users] Traffic from VMWare application with WinPcap


  Hi,

  I have tried an application of traffic monitor by application based on
WinPCap library, but I have a special need, that is detect the traffic from
a virtual machine based on VMWare technology. I install the traffic monitor
inside a Windows XP Virtual machine and the traffic inside is detected, but
I was expecting that if I install it in the VM host machine the monitor 
detects
the traffic how if it come from the VMWare Player application, but it not
happens, like no traffic exists. The VMWare player create virtual networks,
but the real traffic is bridged to real NIC and should be detected, or not?
Maybe, VMWare Player use an unpredictable way to access network.
There a way to detect it? Because I need to know how much traffic each
VM is using amog many VM's without put a traffic monitor por each one,
but only in the host machine.

Thanks for advance

Mauricio Lima





Novos endereços, o Yahoo! que você conhece. Crie um email novo com a sua 
cara @ymail.com ou @rocketmail.com.



_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users 

_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users

More information about the Winpcap-users mailing list