On Mon, 19 Aug 2002, Hutchins, Brad wrote:
> Just got ethereal for the first time and I am confused about something.
>
> I go into the protocols and disable all but ICMP, and I ping a target. The
> capture shows packets being incremented, but when I look at them in the GUI
> it shows no origin or destination or protocol type.
>
> I enable all the protocols and ping the same target and I get the above
> information as I expect including the ICMP from the pings. I go back and
> disable the all the protocols except ICMP and I get the same results as
> above (no origin, destination or protocol).
The ICMP dissector won't get called unless the IP dissector gets called.
Assuming you're capturing from Ethernet, the IP dissector won't get called
unless the Ethernet dissector gets called. At a minimum you'll have to
enable ICMP, IP, and Ethernet.
Note that if you only want to see ICMP traffic, you can skip the
"Protocols" dialog box altogether and type "icmp" in the filter entry at
the bottom of the main window.
