Hi,
Wireshark is just the 'top of the foodchain' so to speak. Below that in libpcap
to do the capture. That is plugged into the OS'es network software, which itself
sits on top of network card driver software, which works with the cards'
firmware, which interacts with the network hardware.
As you see many pieces are involved. The Windows parts (network stack and
drivers) are not well known for their VLAN support. In Linux (Ubuntu uses the
Linux kernel) this is much better handled, even on the same hardware.
Thanx,
Jaap
ketzal devims wrote:
But I'm using Wireshark exactly on the same computer.
I removed Windows XP to put Ubuntu 9.04...
Best regards
Louis
2009/9/21 Jaap Keuter <jaap.keuter@xxxxxxxxx <mailto:jaap.keuter@xxxxxxxxx>>
Hi,
That depends on the network card, driver and network stack. Windows
is notorious
for not showing VLAN info. See
http://wiki.wireshark.org/CaptureSetup/VLAN
Thanx,
Jaap
ketzal devims wrote:
> Hi Stephen, I forgot a question:
>
> Why is there this problem on linux and not on Windows Wireshark
version?
>
> Best Regards
> Louis
>
> 2009/9/21 Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx
<mailto:steve@xxxxxxxxxxxxxxxxxx>
> <mailto:steve@xxxxxxxxxxxxxxxxxx <mailto:steve@xxxxxxxxxxxxxxxxxx>>>
>
>
> On Sep 21, 2009, at 1:14 PM, ketzal devims wrote:
>
> > I�m able to see these packets without filter... Why can�t
I see them
> > with th filter?
> >
> > Some friend told me it's a libpcap problem. The libpcap
version in
> > my computer is 1.0.0-1 (almost the last one)
> >
> > What's going on??? I really don't understand.
>
> A common cause of this seems to be when you have 802.1q VLAN tags
> coming into the machine and being passed up into Wireshark.
If this
> is the case, you would need to use "vlan and <your filter>".
>
>
> Steve
>
