On Thu, Dec 27, 2001 at 11:28:43AM +0200, Ron Peleg wrote:
> I am trying to analyse the communication between several CORBA components.
> For convenience, all these components run on the same computer. However, the
> Ethereal tool does not capture packets that are sent within the local
> machine. Is there a way to configure it (or the pcap infrastructure) to
> capture these messages?
Well, Ethereal does, as I infer you've guessed, depend on libpcap for
captured packets. Libpcap, in turn, depends on stuff in the OS (for
UNIX) or added to the OS (for Windows) for captured packets.
Unfortunately, on many platforms, IP packets sent from a machine to
itself aren't captureable. Ethernet interfaces apparently don't receive
their own packets; the network stacks I've seen loop packets sent to the
same machine back internally.
Some OSes have a "loopback interface" over which those packets are sent.
On UNIX systems, if it exists it's typically called either "lo0" or
"lo". On the BSDs and Linux, you can capture traffic on this interface;
however, on SunOS 5.x (the OS component of Solaris 2.x, Solaris 7,
Solaris 8, etc.), for example, you can't.
Windows doesn't have a "loopback interface" in that sense. There is,
apparently, some kind of "loopback adapter" available for Windows 2000:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q236869
but
1) it's not the default device used for on-the-same-machine IP
traffic (given that it's apparently not even *installed* by
default)
and
2) somebody on either the ethereal-users list or the
ethereal-dev list sent mail to the list indicating that they
didn't see any traffic on it, so it might not be possible to
capture traffic on it.