Wireshark · Wireshark-users: [Wireshark-users] USB Capture Explanation: Difference Interface vs. Port vs. Endpoint

Wireshark-users: [Wireshark-users] USB Capture Explanation: Difference Interface vs. Port vs. End

From: "Rolf Inator" <rolfinator3000@xxxxxx>

Date: Fri, 22 Aug 2014 15:07:16 +0200

Hi there,

I am currently trying to sniff some USB traffic from a USB flash drive to a virtual (Ubuntu) machine. But I am confronted with a few understanding problems. Given the following packet (contains every field I am unsure about):

1   0.000000000 host    1.0 USBHUB  64  GET_STATUS Request     [Port 1]
Frame 1: 64 bytes on wire (512 bits), 64 bytes captured (512 bits) on interface 0
Endpoint: 0x80, Direction: IN

So my questions are:

Is the port (indicated with "[Port 1]") the physical port on my machine? And if so: Are they numbered beginning with 0? (So if I have 4 ports, the first one would be 0 and the last one would be 3)
An interface is the logical grouping of several endpoints with the same features. (please correct me, if I am wrong)
The endpoints are just the indication of the (in case of the mass storage I connected) direction of the access (in this case "IN" -> from host to USB device)

Thanks a lot for your help!

Regards, Rolf

Prev by Date: Re: [Wireshark-users] TCP Delta question
Next by Date: [Wireshark-users] TCP streams and FW-1
Previous by thread: Re: [Wireshark-users] TCP Delta question
Next by thread: [Wireshark-users] TCP streams and FW-1
Index(es):
- Date
- Thread