Wireshark-users: Re: [Wireshark-users] Problem with GeoIP
From: Gordon Widera <gwidera@xxxxxxxxx>
Date: Sat, 29 Aug 2009 13:00:46 -0700
Hi Joan,

Yes, I do see the folder. In fact, I see 12 folders about the same number of attempts to try the "Map" function. All 12 folders contain the two files you listed. As for Endpoints, yes I do the GeoIP information. (ie. Country, AS Number, City, Latitude and Longitude). Lastly, like you, I am using FF v3.5.2.


On Sat, Aug 29, 2009 at 11:17 AM, <j.snelders@xxxxxxxxxx> wrote:
Hi Gordon,

Normally everytime you hit the Map button there is a folder created in:
C:\Documents and Settings\<user>\Local Settings\Temp

The folder name looks like : Wireshark IP Map XXXXa03860 and contains 2 files:

Do you see these folder/files?
Do you see the GeoIP info in the Endpoints (IPv4) window?
Also in the Packet Details Pane (IP)?

I use Mozilla Firefox 3.5.2 as default browser.
Can't get it working with Internet Explorer 8.
Wireshark Version 1.2.1 (SVN Rev 29141)

Best Regards

On Sat, 29 Aug 2009 09:51:31 -0700 Gordon Widera wrote:
>I'm having problem getting GeoIP to work and could use some help. I'm
>running WinXP SP3 and Wireshark v1.2.1.
>When I start a capture and try and execute GeoIP:
>Statistics | Endpoints | IPv4 | Map
>I get a Pop-Up Window with the following title and text:
>Move Items
>Select the place where you want to move 'ipmap.html'.
>Then click the Move button.
>I then select a folder but nothing happens.
>Here is my configuration. I've installed the following files on my
>C:\Program Files\Wireshark\GeoIPGeoIP.dat               1,135KB
>C:\Program Files\Wireshark\GeoIPGeoIPASNum.dat    2,214KB        7/17/2009
>C:\Program Files\Wireshark\GeoIPGeoLiteCity.dat       32,046KB      8/1/2009
>Next I made the following changes to Wireshark
>Edit | Preferences | Name Resolution | GeoIP database directories
>C:\Program Files\Wireshark\GeoIP
>Edit | Preferences | Protocols | IP
>Enable GeoIP lookups
>Any ideas?
>Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
>Archives:    http://www.wireshark.org/lists/wireshark-users
>Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users