Wireshark · Wireshark-users: Re: [Wireshark-users] I see no captured packets at all

["C.E.E.Pernot" <info@xxxxxxxxxxxx>]

Dear Jim,

thanks a lot for your comprehensive answer. I switched on my laptop and 
I was very surprised that Wireshark started unexpectedly capturing !! I 
changed nothing as far as I know. Two days of trying and now it works!

If I think what the change could have been: (i) I disabled the routed 
sending out the SSID, (ii) I restarted the router of course and (iii) I 
disconnected and connected my laptop again to the wireless network. No 
big things I guess.

Anyway, thanks again for your trouble.

Kind regards,
Cor

Small, James schreef:
> Cor,
>
> Unfortunately, many wireless cards in Windows do not allow you to do
> network captures.  I use to have a link to a web site that explained it
> all and had a list of Wireless NICs/Chipsets and which ones worked or
> didn't work for network captures but now I can't find it.
>
> However, many times you can get around this by bridging if you're using
> XP.  Basically, you need to add the Microsoft Bridge and add your
> wireless adapter to it.  You then choose the Microsoft MAC Bridge
> Virtual NIC as the capture source instead of the Wireless card.  This
> works in the majority of cases - I use it myself.
>
> If I remember correctly, in the Network Control Panel, I believe you
> select two adapters and then select bridge.  This creates a Microsoft
> Virtual Bridge with the two adapters as members of the bridge.  After
> the bridge is created, you can remove everything except your wireless
> card and try capturing as described above (just go into the bridge
> properties).
>
> When you create the bridge, it acts just like a simple network bridge
> including emitting 802.1d spanning tree BPDUs.  Be warned, many switches
> (especially corporate ones) are configured to basically shutdown if they
> detect spanning tree BPDUs.  Usually if you're just bridging your
> wireless card this doesn't create problems.  However, I have run into
> some instances where the wireless network is seamlessly bridged to a
> wired switch and when the switch detects spanning tree BPDUs, it
> disables the switch port that the access point is on.  This is rare but
> possible so be warned!
>
> Also, sometimes my wireless connection can be a little flakey and if I
> remove the bridge the problems go away.  That said, I usually always run
> in bridged mode so I can do captures and for the most part it works
> well.
>
> Let me know if you have trouble setting up the bridging,
>   --Jim
>
>
>   
> > -----Original Message-----
> >     
> > > > I installed Wireshark (Version 0.99.4 (SVN Rev 19757)) on my laptop
> > > > (Acer Aspire 6510 with a build in Intel PRO/Wireless 3945ABG
> > > >         
> network
>   
> > > > card), running Windows XP sp2.
> > > > My LAN has an Asus WL500g router and  a 3COM switch for the wired
> > > > desktops attached to it.
> > > >
> > > > When I start capturing on the laptop, the name of my networkcard is
> > > > mentioned in the top of the capture window all right, but no
> > > >         
> captured
>   
> > > > packets are shown, even if I wait for 10 minutes.
> > > >
> > > > I also uninstalled and re-installed WinPcap (version 3.1)
> > > >
> > > > What am I doing wrong? Is this network card the evil part?
> > > > On one of the wired desktops, it works fine.
> > > >         
>
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>