Ethereal-users: Re: [Ethereal-users] cannot see "live capture"

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>
Date: Wed, 10 Aug 2005 10:55:03 -0700

Joseph Pitts wrote:
> Also I'm plugged into a Zywall 1 firewall\router, both the linux(FC4) and xp
> boxes are running at 100MB.

What "XP box" is this?

Is the Linux box the one running Ethereal? If so, were you going to the Web sites with a browser on it, or on the XP box?

The page at

	http://www.zyxel.com/product/model.php?indexcate=1021974741&indexcate1=1085450410&indexFlagvalue=1021873683

says the ZyWall 1 "is equipped with a 4-port switch", so if you're running Ethereal on one of your machines, it probably won't be able to see network traffic to or from the other machine (regardless of whether it's an "Update list of packets in real time" capture or not; the only difference "Update list of packets in real time" makes is whether the lack of packets manifests itself as an empty packet list or packet counts of zero in the capture progress window).

There *might* be some way to monitor the Internet side of the ZyWall 1 with an option (the firewall/router box I have contains a switch, but it has an option to reflect Internet-side traffic back to one of the ports). If nothing else, you could plug the Internet side, whatever device was plugged into it, and the machine running Ethereal (or whatever traffic capture software you're using) into a *real* hub:

	http://wiki.ethereal.com/HubReference