On Tue, Oct 30, 2001 at 11:46:40PM -0700, Brent Arias wrote:
> I just installed the Ethereal binary on my Win 98es machine. It comes up
> just fine but then displays zilch for network traffic anywhere including the
> machine it is installed on. I can open my web browser on the same machine
> to see outgoing http requests, but I see zilch. I can send ICMP ping stuff
> to the machine which Ethereal is installed on, but Ethereal still displays
> absolutely no traffic information.
>
> Yes, I do have all protocals selected. I have never installed any software
> like this before on this machine. I did not install anything but the
> ethereal binary setup exe. I did not install WinPcap
If you didn't install WinPcap, when you tried selecting "Start" from the
"Capture" menu, it should have popped up a dialog box saying "Unable to
load WinPcap (wpcap.dll); Ethereal will not be able to capture packets."
Given that, it should have been impossible to start a capture; unless
there is a capture running, there is no reason to expect Ethereal to
display any network traffic. It doesn't start capturing traffic the
instant you start it up; you have to tell it to start capturing (you
might have started it, for example, in order to read an *existing*
capture file, so it'd be incorrect for Ethereal to just start capturing
as soon as you started it).
> - but from what I understand, I only need that if I am capturing to a
> file. I understand that if I merely want to watch traffic as it zings
> by, then I don't need to install WinpCap.
>From what did you infer that? If there's something on our site, or in
our documentation, that could be read as imply that, we need to fix
that...
...as it is not, in fact, true; you need to have WinPcap installed to
see any network traffic *at all* (in fact, Ethereal *always* captures to
a file; it doesn't just show you traffic as it goes by, it saves it to a
temporary file as it captures it).
