Wireshark

  • Riverbed Technology
  • WinPcap
SHARKFEST '12 - Wireshark Developer and User Conference - June 24-27, 2012 - UC Berkeley, Clark Kerr Campus
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: Re: [Wireshark-users] Query about capturing on Broadcom BMC5708C

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: "Gianluca Varenni" <gianluca.varenni@xxxxxxxxxxxx>
Date: Wed, 31 Dec 2008 15:14:09 -0800

Does the card have TOE (TCP Offloading Engine), also known as TCP Chimney? If that's the case, and Chimney is enabled, you won't be able to capture the TCP stream because the traffic goes directly from the TCP/IP protocol driver to the card (thru a "chimney"), and WinPcap (the capture engine used by Wireshark) cannot capture such traffic.
If that's the case, the only workaround is disabling Chimney on such network adapter. 

Have a nice day
GV
----- Original Message ----- From: "Andrew Hood" <ajhood@xxxxxxxxx> 
To: "Community support list for Wireshark" <wireshark-users@xxxxxxxxxxxxx>
Sent: Monday, December 29, 2008 5:17 PM
Subject: [Wireshark-users] Query about capturing on Broadcom BMC5708C



I have a server (quad Xeon) with the above noted NICs running Windows
Server 2003R2 Enterprise Edition with PAE enabled.

Wireshark 1.0.5 appears to not see all the traffic. It must be there as
the application is working. Sometimes I can see the SYN/SYN+ACK/ACK but
not the rest of the stream. Sometimes I get the whole stream. I have
tried running w/s on all interfaces and the traffic is not arriving on
another interface.

Do you have to run wireshark as the local administrator or should anyone
with admin rights be able to see all the traffic?

--
There's no point in being grown up if you can't be childish sometimes.
               -- Dr. Who
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
  • References:
    • [Wireshark-users] Query about capturing on Broadcom BMC5708C
      • From: Andrew Hood
  • Prev by Date: Re: [Wireshark-users] Network traffic between my router and my ISP?
  • Previous by thread: [Wireshark-users] Query about capturing on Broadcom BMC5708C
  • Next by thread: [Wireshark-users] Network traffic between my router and my ISP?
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation