Wireshark · Ethereal-users: Re: [ethereal-users] Linux RedHat 6.2

Ethereal-users: Re: [ethereal-users] Linux RedHat 6.2 - no TCP traffic?!

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Hannes R. Boehm" <hannes@xxxxxxxxx>

Date: Fri, 19 May 2000 10:21:59 +0200

On Thu, May 18, 2000 at 04:27:47PM -0400, Dundo wrote:
> I can capture everything else but TCP.....strange, but true......I use 
> ethereal only as 'root'......


Hi,

what kind of UDP packets do you see ?

TCP is connection oriented and can only be used with Unicast.
I assume that your Ethernet is switched. In this case you see
only Multicast and Broadcast. (and your own TCP sessions)

You will see (among others):
ARPs
Spanning Tree PDUs
CDP
NTP Broadcast over UDP 
some IPX/SPX broadcasts 
SAPs 
in general: all MAC layer Broad- and Multicasts 
	    ( dest mac either all ones, or starting with 01:...)  


try to start a TCP connection from your Mach while capturing.


wkr 
Hannes 






-- 
--
"The nice thing about standards is that there's so many to choose from." 
        -- Andrew S. Tanenbaum
!------------------------------------------------------------------!
  Hannes R. Boehm
        email   : hannes@xxxxxxxxx
        www     : http://hannes.boehm.org
        PGP-key : http://hannes.boehm.org/hannes-pgp.asc
!------------------------------------------------------------------!

References:
- [ethereal-users] Linux RedHat 6.2 - no TCP traffic?!
  - From: Dundo
- RE: [ethereal-users] Linux RedHat 6.2 - no TCP traffic?!
  - From: Dan Warburton
- RE: [ethereal-users] Linux RedHat 6.2 - no TCP traffic?!
  - From: Dundo

Prev by Date: [ethereal-users] Need help with ring purges
Next by Date: Re: [ethereal-users] Linux RedHat 6.2 - no TCP traffic?!
Previous by thread: RE: [ethereal-users] Linux RedHat 6.2 - no TCP traffic?!
Next by thread: Re: [ethereal-users] Linux RedHat 6.2 - no TCP traffic?!
Index(es):
- Date
- Thread