|
I am also having
the problem with capture filters (tcpdump syntax) blocking ALL packets, exactly
as described below. In my case it was a fresh install of the latest versions as
of yesterday (Nov 27) on XP, but I tried older versions of both Ethereal and
Winpcap and had the same problem. I'm not getting any "parse error" messages,
just no packets accepted with simple "host a.b.c.d" type
filter.
Cliff Smithson
wrote:
Until recently Ethereal 0.10.6 w/ WinPCap 3.0 has worked on my XP machine. It
has degraded in the past two weeks by the fact that capture filters no longer
capture anything. I'm aware of the syntactic differences between display &
capture. Whereas
HOST 192.168.1.100
or
port 455
would formerly capture a subset ot the flood that is my network traffic, if I
want to capture anything I've got to capture everything. I don't like drinking
from the fire hydrant! Has a recent Redmond rewrite wrecked my routine?
The WinPcap driver was written in Torino, Piemonte, not Redmond,
Washington, so it probably wasn't a Redmond rewrite. Try
capturing with those filters with WinDump and, if that doesn't work, either,
report this as a bug to the WinPcap developers:http://winpcap.polito.it/contact.htm(assuming,
that is, that your network didn't change from a non-switched network to a
switched network if you were capturing "third party"
traffic). |
