Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: not capturing data packets

From: "Gianluca Varenni" <gianluca.varenni () cacetech com>
Date: Wed, 21 Jul 2010 08:27:07 -0700
A common reason why you only see TCP syn/fin packets is TCP Chimney

http://wiki.wireshark.org/CaptureSetup/Offloading

Have a nice day
GV


From: Martin Visser 
Sent: Tuesday, July 20, 2010 10:37 PM
To: Community support list for Wireshark 
Subject: Re: [Wireshark-users] not capturing data packets


What "NIC" are you using for capture? The team adapter is virtual, so possibly the WinPcap shim does not work well with 
that configuration. (It might see all of the traffic if you choose the physical adapter). 


You might be better off port-mirroring on the switch it connects to, and capturing on a dedicated Wireshark box, rather 
than the server

Regards, Martin

MartinVisser99 () gmail com



On Tue, Jul 20, 2010 at 12:16 AM, Jacque Mergens <jmergens () acuotech com> wrote:

  I am running Wireshark on Windows 2008 Server with a Broadcom team in SLB with failover.



  I am able to capture but the content of the capture is only the syn/ack and fin/ack packets.



  I need to see content and can’t for the life of me figure out why this is happening.



  I have no filters set on capture or on the captured input.



  Can anyone help with this?





  Jacque Mergens

  Infrastructure Architect

  Phone: 952.905.3461 (o)

  Phone: 205.410.8326 (c)

  email: jmergens () acuotech com






  ___________________________________________________________________________
  Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
  Archives:    http://www.wireshark.org/lists/wireshark-users
  Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
              mailto:wireshark-users-request () wireshark org?subject=unsubscribe





--------------------------------------------------------------------------------


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: