Hi Sake
Thanks for your reply. Very helpful.
Our traffic is point-to-point UDP. No broadcast. To be honest, I don’t know how to set up multi-cast.
The interface is a Gigabit Ethernet ExpressCard, not the laptop’s native Ethernet interface.
I guess I should check the MAC address again. Any other thoughts please?
BR
David
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx]
On Behalf Of Sake Blok
Sent: 07 March 2012 11:20
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] More problems with Windows 7 firewall
On 7 mrt 2012, at 12:02, David Aldrich wrote:
I wrote in a thread last week that we have a Windows 7 console application that communicates with an embedded processor card using UDP. I
have watched the communication flow using Wireshark and it looks fine. I have set, what I believe to be, appropriate inbound and outbound rules for Windows 7 firewall. On one PC the application runs fine, but on another PC inbound packets on one port are
not reaching the application.
The weird thing is that on the failing PC, if I start a Wireshark capture on the interface, the inbound packets do reach my application. As soon as I stop the capture the
inbound packets fail to reach the application.
Please can anyone suggest why Wireshark is having this effect?
Wireshak will put the capture interface in promiscuous mode by default. This means it will forward all packets on the captured interface to the OS. When a NIC is not in promiscuous mode, it will only forward frames to it's own mac-address,
the broadcast address and every multicast address that the NIC has been subscribed to.
What kind of traffic does your application use? And if it uses multicasts, do you actively subscribe to the multicast group(s)?
Click
here to report this email as spam.
