Revision history - Ask Wireshark

C:\Program Files\Wireshark>tshark -v TShark (Wireshark) 3.6.2 (v3.6.2-0-g626020d9b3c3) i) C:\Program Files\Wireshark>tshark -D 1. \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D} (Local Area Connection* 11) 2. \Device\NPF_{04139B68-62C6-4DB1-BFBF-A760ED12A89F} (Local Area Connection* 10) 3. \Device\NPF_{DF9D2BE3-E6D5-4A21-AC03-1843EF8D20AF} (Local Area Connection* 9)4. \Device\NPF_{18C1F50D-AB34-4264-A46C-F07B12DC8374} (Bluetooth Network Connection) 5. \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E} (Wi-Fi) 6. \Device\NPF_{673D9231-1802-400C-9A52-E9961C4100E8} (Local Area Connection* 12) 7. \Device\NPF_{6D8E8D22-C3A8-4970-8C9C-220C72864FEC} (Local Area Connection* 3)8. \Device\NPF_Loopback (Adapter for loopback traffic capture)

ii) C:\Program Files\Wireshark>tshark -i \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D} Capturing on 'Local Area Connection* 11' * (tshark:11600) 16:57:18.532137 [Main MESSAGE] -- Capture started. * (tshark:11600) 16:57:18.534207 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Local Area Connection- 11TDSJI1.pcapng" 0 packets captured

iii) I try the wifi interface as follow, it seams capturing something , but no window display. only in the command line ie: no window display as a normal window program does.

pls see be low

C:\Program Files\Wireshark>tshark -i \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E} Capturing on 'Wi-Fi' * (tshark:2756) 16:59:54.232843 [Main MESSAGE] -- Capture started. * (tshark:2756) 16:59:54.235762 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Wi-FiCEFRI1.pcapng" 1 0.000000 192.168.10.129 → 192.168.10.255 UDP 82 57797 → 1947 Len=40 2 1.099626 IntelCor_fe:6b:04 → BelkinIn_40:b5:f2 ARP 42 Who has 192.168.10.1? Tell 192.168.10.129 3 1.100264 BelkinIn_40:b5:f2 → IntelCor_fe:6b:04 ARP 42 192.168.10.1 is at 30:23:03:40:b5:f2 4 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 5 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 6 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 7 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 8 6.107851 192.168.10.129 → 224.0.0.251 IGMPv2 46 Membership Report group 224.0.0.251 9 7.879010 104.17.108.108 → 192.168.10.129 TLSv1.2 568 Application Data 10 7.879163 192.168.10.129 → 104.17.108.108 TLSv1.2 404 Application Data 11 7.883352 104.17.108.108 → 192.168.10.129 TCP 54 443 → 49817 [ACK] Seq=515 Ack=351 Win=122 Len=0 12 10.610794 192.168.10.129 → 224.0.0.252 IGMPv2 46 Membership Report group 224.0.0.252 13 10.795325 103.124.106.123 → 192.168.10.129 TLSv1.2 452 Application Data 14 10.850098 192.168.10.129 → 103.124.106.123 TCP 54 49956 → 443 [ACK] Seq=1 Ack=399 Win=511 Len=0 15 11.053569 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 16 11.056589 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50355 [ACK] Seq=1 Ack=2 Win=292 Len=0 SLE=1 SRE=2 17 11.101512 192.168.10.129 → 239.255.255.250 IGMPv2 46 Membership Report group 239.255.255.250 18 11.720663 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 19 11.724371 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50359 [ACK] Seq=1 Ack=2 Win=294 Len=0 SLE=1 SRE=2 20 11.737185 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 21 11.741024 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50357 [ACK] Seq=1 Ack=2 Win=290 Len=0 SLE=1 SRE=2 22 12.886862 BelkinIn_40:b5:f2 → IntelCor_fe:6b:04 ARP 42 Who has 192.168.10.129? Tell 192.168.10.1 23 12.886883 IntelCor_fe:6b:04 → BelkinIn_40:b5:f2 ARP 42 192.168.10.129 is at 58:96:1d:fe:6b:04 24 12.992550 192.168.10.129 → 34.149.211.227 TLSv1.2 455 Application Data 25 12.996907 34.149.211.227 → 192.168.10.129 TCP 54 443 → 49818 [ACK] Seq=1 Ack=402 Win=1581 Len=0 26 12.996971 192.168.10.129 → 34.149.211.227 TLSv1.2 135 Application Data 27 13.000645 34.149.211.227 → 192.168.10.129 TCP 54 443 → 49818 [ACK] Seq=1 Ack=483 Win=1581 Len=0 28 13.070532 34.149.211.227 → 192.168.10.129 TLSv1.2 362 Application Data 29 13.121609 192.168.10.129 → 34.149.211.227 TCP 54 49818 → 443 [ACK] Seq=483 Ack=309 Win=513 Len=0 30 13.421811 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 31 13.424646 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50375 [ACK] Seq=1 Ack=2 Win=290 Len=0 SLE=1 SRE=2 31 packets captured

C:\Program Files\Wireshark>tshark -v TShark (Wireshark) 3.6.2 (v3.6.2-0-g626020d9b3c3) i) C:\Program Files\Wireshark>tshark -D 1. \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D} (Local Area Connection* 11) 2. \Device\NPF_{04139B68-62C6-4DB1-BFBF-A760ED12A89F} (Local Area Connection* 10) 3. \Device\NPF_{DF9D2BE3-E6D5-4A21-AC03-1843EF8D20AF} (Local Area Connection* 9)4. \Device\NPF_{18C1F50D-AB34-4264-A46C-F07B12DC8374} (Bluetooth Network Connection) 5. \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E} (Wi-Fi) 6. \Device\NPF_{673D9231-1802-400C-9A52-E9961C4100E8} (Local Area Connection* 12) 7. \Device\NPF_{6D8E8D22-C3A8-4970-8C9C-220C72864FEC} (Local Area Connection* 3)8. \Device\NPF_Loopback (Adapter for loopback traffic ~~capture)~~
capture)
ii) C:\Program Files\Wireshark>tshark -i \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D} Capturing on 'Local Area Connection* 11' * ** (tshark:11600) 16:57:18.532137 [Main MESSAGE] -- Capture started. * ** (tshark:11600) 16:57:18.534207 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Local Area Connection- 11TDSJI1.pcapng" 0 packets ~~captured~~
captured
~~iii) I try the wifi interface as follow, it seams capturing something , but no window display. only in the command line ie: no window display as a normal window program ~~does.~~~~
does. ~~pls see be ~~low~~~~
low
C:\Program Files\Wireshark>tshark -i \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E} Capturing on 'Wi-Fi' * ** (tshark:2756) 16:59:54.232843 [Main MESSAGE] -- Capture started. * ** (tshark:2756) 16:59:54.235762 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Wi-FiCEFRI1.pcapng" 1 0.000000 192.168.10.129 → 192.168.10.255 UDP 82 57797 → 1947 Len=40 2 1.099626 IntelCor_fe:6b:04 → BelkinIn_40:b5:f2 ARP 42 Who has 192.168.10.1? Tell 192.168.10.129 3 1.100264 BelkinIn_40:b5:f2 → IntelCor_fe:6b:04 ARP 42 192.168.10.1 is at 30:23:03:40:b5:f2 4 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 5 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 6 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 7 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general 8 6.107851 192.168.10.129 → 224.0.0.251 IGMPv2 46 Membership Report group 224.0.0.251 9 7.879010 104.17.108.108 → 192.168.10.129 TLSv1.2 568 Application Data 10 7.879163 192.168.10.129 → 104.17.108.108 TLSv1.2 404 Application Data 11 7.883352 104.17.108.108 → 192.168.10.129 TCP 54 443 → 49817 [ACK] Seq=515 Ack=351 Win=122 Len=0 12 10.610794 192.168.10.129 → 224.0.0.252 IGMPv2 46 Membership Report group 224.0.0.252 13 10.795325 103.124.106.123 → 192.168.10.129 TLSv1.2 452 Application Data 14 10.850098 192.168.10.129 → 103.124.106.123 TCP 54 49956 → 443 [ACK] Seq=1 Ack=399 Win=511 Len=0 15 11.053569 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 16 11.056589 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50355 [ACK] Seq=1 Ack=2 Win=292 Len=0 SLE=1 SRE=2 17 11.101512 192.168.10.129 → 239.255.255.250 IGMPv2 46 Membership Report group 239.255.255.250 18 11.720663 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 19 11.724371 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50359 [ACK] Seq=1 Ack=2 Win=294 Len=0 SLE=1 SRE=2 20 11.737185 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 21 11.741024 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50357 [ACK] Seq=1 Ack=2 Win=290 Len=0 SLE=1 SRE=2 22 12.886862 BelkinIn_40:b5:f2 → IntelCor_fe:6b:04 ARP 42 Who has 192.168.10.129? Tell 192.168.10.1 23 12.886883 IntelCor_fe:6b:04 → BelkinIn_40:b5:f2 ARP 42 192.168.10.129 is at 58:96:1d:fe:6b:04 24 12.992550 192.168.10.129 → 34.149.211.227 TLSv1.2 455 Application Data 25 12.996907 34.149.211.227 → 192.168.10.129 TCP 54 443 → 49818 [ACK] Seq=1 Ack=402 Win=1581 Len=0 26 12.996971 192.168.10.129 → 34.149.211.227 TLSv1.2 135 Application Data 27 13.000645 34.149.211.227 → 192.168.10.129 TCP 54 443 → 49818 [ACK] Seq=1 Ack=483 Win=1581 Len=0 28 13.070532 34.149.211.227 → 192.168.10.129 TLSv1.2 362 Application Data 29 13.121609 192.168.10.129 → 34.149.211.227 TCP 54 49818 → 443 [ACK] Seq=483 Ack=309 Win=513 Len=0 30 13.421811 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU] 31 13.424646 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50375 [ACK] Seq=1 Ack=2 Win=290 Len=0 SLE=1 SRE=2 31 packets ~~captured~~
captured

C:\Program Files\Wireshark>tshark -v
TShark (Wireshark) 3.6.2 (v3.6.2-0-g626020d9b3c3)
i)
C:\Program Files\Wireshark>tshark -D
1. \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D} (Local Area Connection* 11)
2. \Device\NPF_{04139B68-62C6-4DB1-BFBF-A760ED12A89F} (Local Area Connection* 10)
3. \Device\NPF_{DF9D2BE3-E6D5-4A21-AC03-1843EF8D20AF} (Local Area Connection* 9)4. 9)
4. \Device\NPF_{18C1F50D-AB34-4264-A46C-F07B12DC8374} (Bluetooth Network Connection)
5. \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E} (Wi-Fi)
6. \Device\NPF_{673D9231-1802-400C-9A52-E9961C4100E8} (Local Area Connection* 12)
7. \Device\NPF_{6D8E8D22-C3A8-4970-8C9C-220C72864FEC} (Local Area Connection* 3)8. 3)
8. \Device\NPF_Loopback (Adapter for loopback traffic capture)

ii)
C:\Program Files\Wireshark>tshark -i \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D}
Capturing on 'Local Area Connection* 11'
 ** (tshark:11600) 16:57:18.532137 [Main MESSAGE] -- Capture started.
 ** (tshark:11600) 16:57:18.534207 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Local Area Connection- 11TDSJI1.pcapng"
0 packets captured

iii)
I try the wifi interface as follow, it seams capturing something , but no window display. only in the command line ie: no window display as a normal window Windows program does.


pls see be low

C:\Program Files\Wireshark>tshark -i  \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E}
Capturing on 'Wi-Fi'
 ** (tshark:2756) 16:59:54.232843 [Main MESSAGE] -- Capture started.
 ** (tshark:2756) 16:59:54.235762 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Wi-FiCEFRI1.pcapng"
    1   0.000000 192.168.10.129 → 192.168.10.255 UDP 82 57797 → 1947 Len=40
    2   1.099626 IntelCor_fe:6b:04 → BelkinIn_40:b5:f2 ARP 42 Who has 192.168.10.1? Tell 192.168.10.129
    3   1.100264 BelkinIn_40:b5:f2 → IntelCor_fe:6b:04 ARP 42 192.168.10.1 is at 30:23:03:40:b5:f2
    4   5.813399      0.0.0.0 → 224.0.0.1    IGMPv2 46 Membership Query, general
    5   5.813399      0.0.0.0 → 224.0.0.1    IGMPv2 46 Membership Query, general
    6   5.813399      0.0.0.0 → 224.0.0.1    IGMPv2 46 Membership Query, general
    7   5.813399      0.0.0.0 → 224.0.0.1    IGMPv2 46 Membership Query, general
    8   6.107851 192.168.10.129 → 224.0.0.251  IGMPv2 46 Membership Report group 224.0.0.251
    9   7.879010 104.17.108.108 → 192.168.10.129 TLSv1.2 568 Application Data
   10   7.879163 192.168.10.129 → 104.17.108.108 TLSv1.2 404 Application Data
   11   7.883352 104.17.108.108 → 192.168.10.129 TCP 54 443 → 49817 [ACK] Seq=515 Ack=351 Win=122 Len=0
   12  10.610794 192.168.10.129 → 224.0.0.252  IGMPv2 46 Membership Report group 224.0.0.252
   13  10.795325 103.124.106.123 → 192.168.10.129 TLSv1.2 452 Application Data
   14  10.850098 192.168.10.129 → 103.124.106.123 TCP 54 49956 → 443 [ACK] Seq=1 Ack=399 Win=511 Len=0
   15  11.053569 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU]
   16  11.056589 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50355 [ACK] Seq=1 Ack=2 Win=292 Len=0 SLE=1 SRE=2
   17  11.101512 192.168.10.129 → 239.255.255.250 IGMPv2 46 Membership Report group 239.255.255.250
   18  11.720663 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU]
   19  11.724371 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50359 [ACK] Seq=1 Ack=2 Win=294 Len=0 SLE=1 SRE=2
   20  11.737185 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU]
   21  11.741024 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50357 [ACK] Seq=1 Ack=2 Win=290 Len=0 SLE=1 SRE=2
   22  12.886862 BelkinIn_40:b5:f2 → IntelCor_fe:6b:04 ARP 42 Who has 192.168.10.129? Tell 192.168.10.1
   23  12.886883 IntelCor_fe:6b:04 → BelkinIn_40:b5:f2 ARP 42 192.168.10.129 is at 58:96:1d:fe:6b:04
   24  12.992550 192.168.10.129 → 34.149.211.227 TLSv1.2 455 Application Data
   25  12.996907 34.149.211.227 → 192.168.10.129 TCP 54 443 → 49818 [ACK] Seq=1 Ack=402 Win=1581 Len=0
   26  12.996971 192.168.10.129 → 34.149.211.227 TLSv1.2 135 Application Data
   27  13.000645 34.149.211.227 → 192.168.10.129 TCP 54 443 → 49818 [ACK] Seq=1 Ack=483 Win=1581 Len=0
   28  13.070532 34.149.211.227 → 192.168.10.129 TLSv1.2 362 Application Data
   29  13.121609 192.168.10.129 → 34.149.211.227 TCP 54 49818 → 443 [ACK] Seq=483 Ack=309 Win=513 Len=0
   30  13.421811 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU]
   31  13.424646 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50375 [ACK] Seq=1 Ack=2 Win=290 Len=0 SLE=1 SRE=2
31 packets captured

Revision history [back]