michael butler wrote:
They are TCP or HTTP/XML packets.
Are any of the TCP packets not HTTP? Are any of the HTTP packets UDP
rather than TCP (yes, that's possible - Universal Plug-and-Play, or
UPnP, can use UDP, and is implemented atop HTTP)?
Are all those packets to or from port 80 (i.e., are they all TCP packets
to or from the default HTTP port, and thus probably HTTP)? Or, if not,
is there some other port number that's always one of the ports?
From Computer IP address *to/from*
router IP address.
If there's a particular port they're always to or from, you could try a
capture filter of
not (host {router} and port {port})
where "{router}" is the host name or IP address of the router and {port}
is the port in question. That could conceivably match other packets and
eliminate them as well, but it probably won't get many false hits, if any.
Info area [RSR, ACK] [SYN] OK
?WANCommonIterfaceConfig HTTP/1.1
That's probably UPnP (I'm assuming that's "WANCommonInterfaceConfig",
not "WANCommonIterfaceConfig"):
http://en.wikipedia.org/wiki/Universal_Plug_and_Play
http://msdn2.microsoft.com/en-us/library/ms819762.aspx
and probably involves the router trying to find out information about
the configuration of your computer's network connection to the Internet
(e.g., so it can adjust its configuration to match).