Wireshark-dev: Re: [Wireshark-dev] Connecting to router
From: Martin Visser <[email protected]>
Date: Mon, 27 Apr 2009 16:57:37 +1000

That page seems to specifically be involved in troubleshooting network
traffic when connecting to home broadband router. In the situation
mentioned, you will only see traffic between the monitoring PC
(running Wireshark) and the router. It won't help you see other
traffic going to and from the router. A lot of home routers have a
built-in switch with maybe 4 ethernet ports, plus even a wireless
ports. Unfortunately to see all the traffic to and from such a device
isn't a trivial exercise.

Generally you either need a old-fashioned ethernet hub/repeater in the
path to send a copy of traffic to your monitoring PC, or an advanced
switch (meaning expensive) that supports a port monitor mode that also
makes a copy of packets received on a particular port or VLAN to a
nominated port.  Another alternative is if the router supports some
form of packet capture itself. For instance my Linksys router is
running the DD-WRT software which allows me to run tcpdump to do a
packet capture. I can then analyse the capture file with Wireshark.

Regards, Martin

[email protected]

On Mon, Apr 27, 2009 at 4:27 PM, Rohan Solanki <[email protected]> wrote:
> Hi all,
>   While i was searching on the web of "how to connect wireshark to a
> router", I found the following link
> http://www.plus.net/support/broadband/troubleshooting/wireshark.shtml
> In this link, in the 3rd step, in the 3rd sub-step, it states that "Select
> the relevant network interface from the drop-down at the top of the Options
> window. If you are using a router this will be your Network (NIC) card."
> Can anybody explain this statement...
> How do i connect wireshark to a router, so that i can view the packets that
> are flowing through the router?
> Thanks in advance
> Rohan
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <[email protected]>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:[email protected]?subject=unsubscribe