RayMitchell wrote:
I just installed Wireshark on WinXP and I have a question. I have
Internet access through a cable modem and, thus, I have a LAN IP
address (192.168.1.102) as well as an Internet DHCP IP address. I
have a mail server running on my machine that is only visible to the
LAN. The various email clients on my machine (Eudora, Outlook, etc.)
seem to work fine using the LAN mail server for local email to each
other as well as the mail server supplied by my ISP for Internet
email. When I run Wireshark I can see all the email and other
activity between my LAN machine and the Internet but absolutely no
activity between my LAN mail server and any of the LAN mail clients,
I.e., when you run Wireshark on a particular machine, you see no traffic
between two programs running on that same machine?
That traffic is not supplied to the mechanism that WinPcap uses to do
packet capture; as Wireshark uses WinPcap to capture packets, that means
that Wireshark won't see that traffic.
See
http://wiki.wireshark.org/CaptureSetup/Loopback