From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx]
On Behalf Of Tim.Poth@xxxxxxxxxxx
Sent: 02 March 2012 13:30
To: wireshark-users@xxxxxxxxxxxxx
Subject: Re: [Wireshark-users] Question about Wireshark and the Windows Firewall
Winpcap is what grabs the packets for Wireshark and it does see traffic before its evaluated by the windows firewall. If you are concerned about the firewall eating the traffic try turning it off
and testing. Some endpoint protection products also can eat network traffic, if you have anything like that loaded you might want to look at its logs / config.
Hope that helps
tim
Hi
We have written a 32-bit console application using Visual C++ Express 2008 that receives UDP packets on port 30000 from another (non-Windows) machine. When running on Windows XP our app receives the packets, but when running on Windows 7 it does not. I have
configured Windows Firewall to open ports 30000-30002 to our application, so the packets should not be blocked.
Wireshark shows that the packets are indeed arriving at the PC. What I am not sure of is whether they are getting through the firewall. On what side of the firewall does
Wireshark snoop? If the packets are listed on Wireshark does it mean that they have got through the firewall?
Any suggestions or answers would be appreciated.
Best regards
David
Click
here to report this email as spam.