This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Remote capturing

0

Hi, I am trying to use remote capturing between two machines running win7 32b. When I try to add a remote interface in Wireshark, I see the error "can't get the list of interfaces: getaddrinfo() the requested name is valid but no data of the requested type was found" How can I solve the problem?

asked 02 Oct '12, 05:56

mah's gravatar image

mah
1112
accept rate: 0%

edited 02 Oct '12, 07:10

cmaynard's gravatar image

cmaynard ♦♦
9.4k1038142

2 Answers:

0

To be able to do a remote capture this way you need to run rpdapd.exe on the other machine, which means that you need to install WinPCAP (which contains rpcapd.exe). This is necessary because Wireshark needs a capture process to connect to, and that process is rpcapd.

answered 02 Oct '12, 06:17

Jasper's gravatar image

Jasper ♦♦
23.8k551284
accept rate: 18%

I have installed WinPCAp and run rpcapd.exe on the remote machine.I also have enabled port 2002 in windows firewall.

(02 Oct '12, 06:30) mah

and you still get the same error?

(02 Oct '12, 08:49) Jasper ♦♦

0

getaddrinfo() the requested name is valid but no data of the requested type was found

That's a windows API error, indicating that the name resolver on your Wireshark system was not able to resolve the specified name to a valid IP address (no A record or possibly the IPv6 AAA record returned first).

http://msdn.microsoft.com/en-us/library/windows/desktop/ms740668%28v=vs.85%29.aspx#WSANO_DATA
http://msdn.microsoft.com/en-us/library/windows/desktop/ms738520%28v=vs.85%29.aspx

I suggest to test name resolving on the CLI. Open a DOS box and run these commands.

c:>nslookup hostname
c:>ping hostname

Where hostname is the same string you entered in the Wireshark GUI.

Regards
Kurt

answered 08 Oct '12, 12:31

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%