Re: More problems with Windows 7 firewall

[Sake Blok <sake () euronet nl>]

On 7 mrt 2012, at 12:27, David Aldrich wrote:

> The weird thing is that on the failing PC, if I start a Wireshark capture on the interface, the inbound packets do 
> reach my application.  As soon as I stop the capture the inbound packets fail to reach the application.
>  
> Please can anyone suggest why Wireshark is having this effect?
>  
> Wireshak will put the capture interface in promiscuous mode by default. This means it will forward all packets on the 
> captured interface to the OS. When a NIC is not in promiscuous mode, it will only forward frames to it's own 
> mac-address, the broadcast address and every multicast address that the NIC has been subscribed to.
>  
> What kind of traffic does your application use? And if it uses multicasts, do you actively subscribe to the multicast 
> group(s)?
>  
> Our traffic is point-to-point UDP. No broadcast.  To be honest, I don’t know how to set up multi-cast.
>  
> The interface is a Gigabit Ethernet ExpressCard, not the laptop’s native Ethernet interface.
>  
> I guess I should check the MAC address again. Any other thoughts please?

Will, if you exchanged the receiving systems, the sending system might still send traffic to the mac of the other 
system due to its arp cache. Flush its arp cache and see if that helps...

Cheers,
Sake

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe