Wireshark-dev: Re: [Wireshark-dev] Wireshark outside
From: Jaap Keuter <[email protected]>
Date: Wed, 20 Mar 2019 21:10:33 +0100

Tx is never going to be an input. You’re looking at making a passive tap. See https://wiki.wireshark.org/CaptureSetup/Ethernet for more background info on all capture setups.


On 20 Mar 2019, at 17:20, С.Сергеев via Wireshark-dev <[email protected]> wrote:

Hello, dear developers!

Please help me figure it out.
I need to look at the traffic between the computer and the router (Wireshark cannot be installed on this computer).

I install Wireshark on another computer (laptop), connect to Ethernet via a regular tee.
In the settings of Kali "Network setting" I turn off the auto-connection, turn off the network.

Wireshark captures packets arriving at the receiving input (RX +, RX-).
Wireshark does not perceive the signals arriving at the transmitting input (TX +, TX-).

In normal mode, when a laptop with Wireshark installed on it is connected to the network, the program works fine.

What needs to be done for Wireshark to capture packets on both the receiving and transmitting inputs?

Laptop: Dell Inspiron 1525

Ethernet controller: Marvell Technology Group Ltd. 88E8040 PCI-E Fast Ethernet Controller (rev 12)

Wireshark 2.6.6 (Git v2.6.6 packaged as 2.6.6-1)

Compiled (64-bit) with Qt 5.11.3, with libpcap, with POSIX capabilities (Linux), with libnl 3,with GLib 2.58.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS 3.6.5, with Gcrypt 1.8.4, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.35.1, with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.

Running on Linux 4.19.0-kali3-amd64, with Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz, with 3937 MB of physical memory, with locale ru_RU.UTF-8, with libpcap version 1.8.1, with GnuTLS 3.6.5, with Gcrypt 1.8.4, with zlib 1.2.11, binary plugins supported (14 loaded). Built using gcc 8.2.0.

Best regards, С.Сергеев