Ethereal-users: RE: [Ethereal-users] ethereal 0.8.17

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Toniolo Simone <Simone.Toniolo@xxxxxxxxx>
Date: Wed, 18 Apr 2001 11:07:58 +0200
First thing, 
thanks for the prompt reply!!!
My reply wasn't so prompt as you can see ;-)))

The interfaces that I can choose to capture packets on my system
are:

\Device\Packet_{8BC63169-0AF2-4A94-A4AD-F47571A97C65}
\Device\Packet_{DF24464B-87DF-4BA7-BC86-ED9CE829F7EA}
\Device\Packet_NdisWanIp

From what you say I should have 2 Ethernet interfaces and
the third should be the WAN/PPP interface.
But this puzzles me a little bit. My PC is a notebook and at
the moment it is connected to the docking station. I have
just one Ethernet port on the PC. And I have one on the docking station.
Is this the reason to have two "possible" Ethernet interfaces?

I wrote "possible" because if I try to perform a capture
on these interfaces I get an error message that says:

"The capture session could not be initiated (Error opening adapter: The
handle is invalid.).
Please check that you have the proper interface specified.

Note that the driver Ethereal uses for packet capture on Windows
doesn't support capturing on PPP/WAN interfaces in Windows NT/2000"

This led me to think that these two handlers were for the serial port
and IrDA port, before your suggestion.

So I cannot understand the behaviour, also because on 0.8.15
I had only two handlers (not three) and the one that was working
was the "strange-name" one.

	Regards
	Simone Toniolo





> -----Original Message-----
> From: Guy Harris [mailto:guy@xxxxxxxxxx]
> Sent: Friday 13 April 2001 20.50
> To: Toniolo Simone
> Cc: 'ethereal-users@xxxxxxxxxxxx'
> Subject: Re: [Ethereal-users] ethereal 0.8.17
> 
> 
> > I have downloaded WinPcap 2.1 and Ethereal 0.8.17
> > on my win2k machine (an IBM Thinkpad T20) 
> > but when I select the \Device\Packet_NdisWanIp
> > as interface nothing is captured.
> > 
> > Any idea?
> > 
> > The 0.8.15 worked correctly on my PC.
> 
> Yes, but did it work with \Device\Packet_NdisWanIp?
> 
> On the NT 4.0 partition on my machine at home, with WinPcap 2.02,
> Ethereal (built from CVS) didn't show \Device\Packet_NdisWanIp as one of
> the network devices on which I could capture; when I upgraded to WinPcap
> 2.1, that device showed up - and showed up first on the list, so it was
> the default device.
> 
> It did allow me to start a capture on the device, but it didn't capture
> any traffic, because there wasn't any traffic on my dial-up connection -
> my Internet connection was over the Ethernet to an ADSL modem.
> 
> If I captured on the Ethernet interface, it worked.
> 
> The WinPcap FAQ, at
> 
> 	http://netgroup-serv.polito.it/winpcap/misc/faq.htm
> 
> says:
> 
> 	Q-3: Can I use WinPcap on a PPP connection?
> 
> 	A: We have tested WinPcap on PPP connections under Windows 95
> 	and Windows 98 and it seems to work well.  Under Windows NT and
> 	Windows 2000 there are problems with the binding process, that
> 	prevents a protocol driver from working on the WAN adapter if it
> 	is not written by Microsoft.
> 
> and it said something similar when WinPcap 2.02 was the standard
> version, i.e. they never supported PPP captures on Windows NT/2000.
> 
> If you're trying to capture on a PPP connection, it probably won't work
> (and I have the impression it may never have worked); it should work on
> an Ethernet interface, but you may have to select a different device
> from the list (on Windows 2000, the name of the Ethernet device will be
> something horrible and unreadable such as
> 
> 	\Device\Packet_{BE4BA7D2-1F93-48CA-87CF-4F1693D8F544}
> 
> rather than something that makes it obvious that it's your Ethernet
> interface).
>