From: Guy Harris <guy@xxxxxxxxxxxx>
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Sent: Thursday, July 30, 2009 12:53:01 AM
Subject: Re: [Wireshark-users] capturing traffic on a virtual interface
On Jul 29, 2009, at 10:49 PM, Sake Blok wrote:
> No, if you are browsing the site (which is hoted on the VM) from
> within
> the VM,
...or if you are browsing a site hosted on *any* machine (real or
virtual) from the same machine...
> then the traffic won't pass the NIC driver and won't pass the
> WinPcap capture engine.
This is a limitation of the way the Windows networking stack works.
Solaris has a similar problem; on some other UN*Xes, you can capture
that traffic, *but* you have to capture on the OS's "loopback" device
("lo" on Linux, "lo0" on *BSD, Mac OS X, and Digital/Tru64 UNIX).
See
http://wiki.wireshark.org/CaptureSetup/Loopbackfor
details.
___________________________________________________________________________
Sent via: Wireshark-users mailing list <
wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-usersUnsubscribe:
https://wireshark.org/mailman/options/wireshark-users mailto:
wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe