Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

It's kinda hard to believe that there wasn't any configuration done after installation for this situation to occur. But then again it could have happened inadvertently.

Here's what's most likely going on. When you capture network traffic you most likely see Ethernet frames with IPv4 packet as payloads. To distinguish these payloads from others, the Ethernet frame has an ether type field which indicates what type of payload is carried by that Ethernet frame. It so happens that 0x0800 is the ether type for, you guessed it, IPv4 packet payloads.

Now it would be nice if Wireshark would show you IPv4 packets and what other protocols are in there. It can, but currently it seems it doesn't. A possible reason why this would be is that the IPv4 dissector in Wireshark has been disabled.

To see whether that is the case open the Enabled Protocols dialog and search for IPv4. If that is disabled (has no checkmark) enable it, click OK and see if it makes any difference.

If this solves the problem, then most likely the IPv4 dissector got disabled through a context menu with protocol preferences, which also allows for the protocol dissector to be disabled. This is saved in your current profile, which remains regardless of installation status of the program.