ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 5516] New: Server 2008: tshark -i - doesn't work like it d

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 22 Dec 2010 13:33:20 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5516

           Summary: Server 2008: tshark -i - doesn't work like it does on
                    windows XP
           Product: Wireshark
           Version: 1.4.2
          Platform: x86-64
        OS/Version: Windows Server 2008
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: TShark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: craig@xxxxxxxxxxxxxxxxxx


Build Information:
The NPF driver isn't running.  You may have trouble capturing or
listing interfaces.
TShark 1.4.2 (SVN Rev 34959 from /trunk-1.4)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GLib 2.22.4, with WinPcap (version unknown), with libz
1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8, with c-ares
1.7.1, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with
MIT Kerberos, with GeoIP.

Running on 32-bit Windows Server 2008 R2, build 7600, without WinPcap.

Built using Microsoft Visual C++ 9.0 build 30729
--
I'm downloading and installing the wireshark windows PortableApps (32-bit) onto
a x86 64-bit machine running windows server 2008. I'm comparing running tshark
from here, with the same installation running on a 32-bit laptop with windows
XP.

When I'm on my windows xp machine, both the following commands work fine:

tshark -i - <IN05a.pcap
tshark -r IN05a.pcap

If I run the exact same commands on a windows server 2008 machine, the  -i
fails but the -r works. 

Here's what I see for the failing -i command:
===========================================
The NPF driver isn't running.  You may have trouble capturing or
listing interfaces.
tshark: WinPcap couldn't be found.
Unable to load WinPcap (wpcap.dll); TShark will not be able to capture
packets.

In order to capture packets, WinPcap must be installed; see

        http://www.winpcap.org/

or the mirror at

        http://www.mirrors.wiretapped.net/security/packet-capture/winpcap/

or the mirror at

        http://winpcap.cs.pu.edu.tw/

for a downloadable version of WinPcap and for instructions on how to install
WinPcap.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube