You had said client. I'm guessing their ISP isn't doing what their help
desk calls "port 25 blocking"? McAfee 8.0 has a "port blocking" feature
that may be turned on by default actually. If they are using other
anti-virus softwares, I've seen like a virtual port (for lack of a better
term) get created to send mail.
Message: 11
Date: Thu, 05 May 2005 11:27:10 -0500
From: James Garrison <jhg@xxxxxxxxxxxxxxx>
Subject: [Ethereal-users] Capture Filter on port - strange behavior
To: ethereal-users@xxxxxxxxxxxx
Message-ID: <427A495E.7020901@xxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Running on Windows XP SP2 with Ethereal versions
0.10.10 and WinPCap 3.0.
If I provide the following capture filter:
port 25
in order to capture an SMTP transaction, I see only
packets with destination port 25 -- I.e. I see the
the client's outgoing packets only.
However, if I capture with NO filter specified, I see
all packets, so I know WinPCap is capturing all the
traffic.
I also tried
src port 25 || dst port 25
but the results were the same. This used to work
just fine. Has something changed or am I missing
something?
I also tried Ethereal 0.10.9 and WinPCap 3.1beta4 with
the same results.
--
James Garrison Athens Group, Inc.
mailto:jhg@xxxxxxxxxxxxxxx 5608 Parkcrest Dr
http://www.athensgroup.com Austin, TX 78731
PGP: RSA=0x92E90A3B DH/DSS=0x498D331C (512) 345-0600 x150
------------------------------
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users
End of Ethereal-users Digest, Vol 25, Issue 7
*********************************************
--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.5 - Release Date: 5/4/05