Wireshark mailing list archives

Re: how can I filter on traffic that is (a) going in/out through the company internet proxy [e.g. proxy.mycompany.com] and (b) to/from my PC?


From: Greg Hauptmann <greg.hauptmann.ruby () gmail com>
Date: Mon, 16 Aug 2010 11:40:29 +1000

Still stuck on this :(

I've found that using, as a capture filter, "tcp and host <<PC IP
ADDRESS>> and host proxy.mycompany.com", whilst it is a valid filter,
does NOT do the job I require.

It seems to be the case that the actual traffic flow will reflect an IP
address that has a host name of one of the assigned proxy servers by
the main DNS server (e.g. proxy4.domainx.mycompany.com) and hence I'm
guessing due to this the filter does not work.

Any other ideas/suggestions here?

I'm kind of stuck for the moment. Again the challenge is how to
capture traffic only bound through the proxy servers, but for which
you don't really know which proxy server that DNS is going to allocate
to you based on the main DNS proxy name (proxy.mycompany.com).


On 15 August 2010 21:09, Greg Hauptmann <greg.hauptmann.ruby () gmail com> wrote:
In fact, would a capture filter of "host proxy.mycompany.com and host
<my local host ip>" be enough to solve this?  i.e. would Wireshark
then, irrespective of the actual proxy server my request gets assigned
to (noting there are several nominated under the one DNS name for
resiliency), just double check that the IP address for this proxy
server resolves to "proxy.mycompany.com" and then if it does put it in
scope?


On 13 August 2010 15:08, Greg Hauptmann <greg.hauptmann.ruby () gmail com> wrote:
Hi,

Can anyone advise how I could set up a filter that covered off only
traffic that is

(a) going in/out through the company internet proxy [e.g.
proxy.mycompany.com] - note here I want to be able to put the DNS name
for the proxy here [as there can be a number of different IPs that
DNS may issue back to give you your specific proxy server to use]

(b) to/from my PC that is running Wireshark?


Thanks




--
Greg
http://blog.gregnet.org/




-- 
Greg
http://blog.gregnet.org/
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>

