Wireshark · Wireshark-users: [Wireshark-users] can't filter bidirectional traffic

Wireshark-users: [Wireshark-users] can't filter bidirectional traffic

From: Noam Birnbaum <noam@xxxxxxxxxxxxxxxxxxxxxxx>

Date: Mon, 21 Apr 2014 15:12:13 -0700

Hey all,

I posted this on the wiki but haven’t gotten much help.

I'm trying to filter capture traffic. I want to see all LPD traffic to/from a particular printer. However, regardless of whether I use "host 1.2.3.4" or "tcp port 515", Wireshark captures only traffic originating from the printer; it doesn't capture traffic from the other side of the TCP connection.

However, when I capture with no capture filters, both Tx and Rx are captured!

I tested this also with tcpdump and got the same results: capture filters only show source traffic from the printer; unfiltered captures show everything.

I'm running v1.10.6 on Mac OS 10.9.2.

Thanks!

Noam Birnbaum
Mac Daddy
http://www.maccentricsolutions.com
877.luv.macs x666
tweet @noamb

Tech support —> 877.luv.macs or support@xxxxxxxxxxxxxxxxxxxxxxx

p.s. you just found $100

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

Follow-Ups:
- Re: [Wireshark-users] can't filter bidirectional traffic
  - From: Guy Harris

Prev by Date: [Wireshark-users] Wireshark 1.11.3 is now available
Next by Date: Re: [Wireshark-users] can't filter bidirectional traffic
Previous by thread: [Wireshark-users] Wireshark 1.11.3 is now available
Next by thread: Re: [Wireshark-users] can't filter bidirectional traffic
Index(es):
- Date
- Thread