Wireshark-bugs: [Wireshark-bugs] [Bug 4549] Error while capturing packets: read error: PacketRec
Date: Mon, 6 Dec 2010 11:18:59 -0800 (PST)

--- Comment #5 from Enrique Perez-Terron <enrique@xxxxxxxxxxxxxxx> 2010-12-06 11:18:53 PST ---
My network: A wireless router: Linksys "D-Link" model DI-524.
An older Compaq Presario running Windows XP Home Edition connected by cable to
the router. (Cat-5, RJ45, about 150cm). A newer Packard Bell iXtreme Windows 7
(where the failure happens) having an USB WiFi stick: Gigabyte GN-WB32L
802.11n, an eeepc running Windows 7, an old laptop Toshiba running XP, a
medium-aged (3-4 years old Acer Aspire 5112WLMi running Linux. All are on the
same 192.168.0.xxx network. The Packard Bell Windows 7 and two laptops are in
the floor above the D-Link. The laptops report "excelent" signal strength.

The capture scenario: The "F-Secure Internet Security 2011" antivirus package
running on the Packard Bell (PBW7) has a firewall that suddenly started to
block responses to Netbios name queries. Trying to debug this, I started the
capture on the first interface listed. 

Problem: There are three interfaces listed, "Microsoft", "Microsoft", and
"Realtek PCIe GBE Family Controller". How do I know the difference between the
two "Microsoft" entries?

Possibly related: I never bothered with the CD that came with the USB WiFi
stick. Perhaps if I find that CD somewhere in the pile, the interface will get
a distinct name, and perhaps even the error will disappear. For now, since the
Wireshark error dialog asks me to report the error I assume it is of interest
to be able to reproduce the error, so I will leave the CD alone for some days.

I did not see any packets dropped statistics - I will look out for it next

I forgot to stop the capture, so  left Wireshark running overnight and found
the error dialog next morning. Unfortunately I did not save the capture, so I
have to rely on a fairly unreliable memory for this: There was a four-digit
number of frames, and a five-digit number of seconds in the last frame

Capture options: Interface: Local; Microsoft:
Link-layer header type:Ethernet
Capture packets in promiscuous mode (on)
Buffer size: 1 megabyte
Capture filter (empty field)
Display options: all three options enabled.
Name resolution: Enable MAC and transport name resolution - not network n.r.

I just downloaded windump and will try it out later this evening if my better
half allows. What else would be useful to you?

Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.