Wireshark · Wireshark-users: Re: [Wireshark-users] not capturing data packets

Wireshark-users: Re: [Wireshark-users] not capturing data packets

From: "Gianluca Varenni" <gianluca.varenni@xxxxxxxxxxxx>

Date: Wed, 21 Jul 2010 08:27:07 -0700

A common reason why you only see TCP syn/fin packets is TCP Chimney

http://wiki.wireshark.org/CaptureSetup/Offloading

Have a nice day

From: Martin Visser

Sent: Tuesday, July 20, 2010 10:37 PM

To: Community support list for Wireshark

Subject: Re: [Wireshark-users] not capturing data packets

What "NIC" are you using for capture? The team adapter is virtual, so possibly the WinPcap shim does not work well with that configuration. (It might see all of the traffic if you choose the physical adapter).

You might be better off port-mirroring on the switch it connects to, and capturing on a dedicated Wireshark box, rather than the server

Regards, Martin

MartinVisser99@xxxxxxxxx

On Tue, Jul 20, 2010 at 12:16 AM, Jacque Mergens <jmergens@xxxxxxxxxxxx> wrote:

I am running Wireshark on Windows 2008 Server with a Broadcom team in SLB with failover.

I am able to capture but the content of the capture is only the syn/ack and fin/ack packets.

I need to see content and can’t for the life of me figure out why this is happening.

I have no filters set on capture or on the captured input.

Can anyone help with this?

Jacque Mergens

Infrastructure Architect

Phone: 952.905.3461 (o)

Phone: 205.410.8326 (c)

email: jmergens@xxxxxxxxxxxx

___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

References:
- [Wireshark-users] not capturing data packets
  - From: Jacque Mergens
- Re: [Wireshark-users] not capturing data packets
  - From: Martin Visser

Prev by Date: Re: [Wireshark-users] not capturing data packets
Next by Date: [Wireshark-users] HTTP obvious question (Window size)
Previous by thread: Re: [Wireshark-users] not capturing data packets
Next by thread: [Wireshark-users] network monitor 3.3 traces cannot be read
Index(es):
- Date
- Thread