On Monday 10 Nov 2003 10:21 pm, Job 317 wrote:
> On 9-Nov-2003 12:39:38 +0100, you wrote:
> > On Saturday 08 Nov 2003 6:41 pm, Job 317 wrote:
> > > Help. I have a new installation of Windows XP Home Edition with all
> > > patches and updates applied. I installed WinPcap-3.0 and
>
> Ethereal-0.9.16
>
> > > as owner/administrator.
> > >
> > > When I execute Ethereal, there are no interfaces listed in the
> > > Capture->Interface field. I have only one interface: an Intel Pro
> > > Ethernet card.
> > > ...
> > > Can anyone tell me how to indicate the interface in Ethereal and/or
> > > Windump with the WinPcap 3.0 library? Also, where do I look for
>
> that
>
> > > information on Windows XP?
> >
> > http://www.ethereal.com/faq.html#q5.16
> >
> > --
> > Richard Urwin
>
> I realize that you think you are helping me but you are not. I read this
> FAQ prior to e-mailing the list. Simple-minded, perhaps, but I was
> confused nonetheless. If you believe the answer to my problem lies
> somewhere in this relatively long FAQ entry, perhaps you could narrow it
> down since I was unable to understand it in relation to my problem.
>
> Also, I may not have been clear but I was executing ethereal as
> owner/administrator too, which mitigates part of FAQ 5.16.
Are you also saying that Windump does not list any interfaces? If so I'm
afraid that you'll have to ask the maintainers of windump/winpcap. Ethereal
uses winpcap to fetch the list of interfaces, so if winpcap doesn't give
Ethereal any interfaces there is nothing Ethereal can do about it.
I'm afraid that I, personally, don't use XP, so I can't help you with that
aspect. But I do use a Win2kpro machine with an Intel pro card, and it works
fine with Ethereal (0.9.15). The name you want is probably in the registry
somewhere, and probably consists of a *GUID* which is a long string of
hexadecimal, possibly with some well-defined prefix. Someone who knows XP and
somebody who knows the prefix would have to tell you how to construct it, but
try Windump -D and disable the firewall first (see below).
The winpcap FAQ (http://winpcap.polito.it/misc/faq.htm) does note that there
might be a problem with firewalls, but does not indicate what the symptoms
might be. It suggests you disable the firewall function while capturing if
you have a problem.
Another of the questions is:
-----------------------------
Q-5: The XXX WinPcap-based application doesn't run properly on my system. Is
it a WinPcap problem?
A: Try Windump. In particular, "windump -D" reports the list of valid adapters
and shows if WinPcap is able to detect correctly your hardware. If WinDump
works, the problem is in the XXX program and not in WinPcap, so contact the
authors of XXX for help.
-----------------------------
So similarly, if windump -D does not report your adaptor then it is a problem
with winpcap.
So disable the firewall and try windump -D first. If you see your interface
get back to this list with that information, and someone will probably be
able to lead you further. If you don't see your interface then start asking
the winpcap people.
--
Richard Urwin