Hi, I'm porting an embedded TCP-stack. I'd like to use wireshark to test my implementation. The problem is that there is a lot of traffic on my notebooks ethernet interface. I cant use filters, because it is possible that the frames that are sent are corrupt so i would not see them. Any idea how I can obtain an interface where the only traffic is the one i want? asked 30 Mar '13, 02:31  Dill |
2 Answers:
NOT an offence, I'm just a bit confused!! You say:
and then you say:
Erm ... how do you port a TCP stack without decent network knowledge? Anyway, maybe I'm misinterpreting the word 'porting'. Can you please add some information how you port that TCP stack and why you have to do it on a system that already has a TCP/IP stack in place (your laptop) instead of using a virtual machine. That information is necessary to understand your problem and why/how those two TCP stacks interact/conflict. Regards answered 02 Apr '13, 09:18  Kurt Knochner ♦ edited 02 Apr '13, 09:18 Kurt, I'm sorry for the confusion. I should have mentioned that I'm porting the stack (LwIP) to a microcontroller. So I just have to develop the PHY and MAC drivers for that platform which does not call for any deeper networking knowledge. But I need some tools to test the stack. I'd like to be able to "speak" to the ported stack without seeing all that noise that all these windows services and programs send out of the eth-interface of my (windows 7) notebook. (02 Apr '13, 14:56) Dill O.K. can you please add some information about your network setup. Is it like one of these? If so, how do you test LwIP? By sending/receiving data from the PC to the MicroController? (03 Apr '13, 03:07) Kurt Knochner ♦ PC --- switch --- microcontroller is the setup right now, but it would be no problem to purchase some new hardware like a linux pc if that helps. Yes Id like to test LwIP by sending data from the notebook using wireshark to monitor. right now I use ping and netcat but for seriuos testing I'll need something else, but that'll be the next problem. (03 Apr '13, 08:52) Dill
well, you could filter on the MAC address of the Micro Controller to see just traffic to/from that device.
If the frames are corrupt, the OS (driver) or the NIC (hardware) might drop the frame anyways, so you won't see it in Wireshark. So, filtering on the MAC address of the Micro Controller may be 'good enough'. My suggestion: Get a second interface for your system (pccard for a laptop) and disable all Windows protocol on that additional NIC. That way, you won't get 'noise' on the line between this NIC and the Micro Controller. If that is not an option, get second PC with an operating system that is not that chatty ;-) (Linux, *BSD) (03 Apr '13, 18:23) Kurt Knochner ♦ So, if i put a PCMCIA ethernet card in my laptop and disable all items but IPv4 in this window: http://www.home-network-help.com/images/windows-7-network-tcpip.jpg I'll have a silent interface? Thanks for your patience :) (05 Apr '13, 15:48) Dill 1 No, you also need to disable IPv4. Remove ALL check marks to get a silent interface. (06 Apr '13, 04:51) Jasper ♦♦ 1 Hint: If you disable IPv4, you will be able to capture traffic, but you won't be able to send/receive any data to the Micro Controller via that interface, at least not with standard system network calls. (06 Apr '13, 08:50) Kurt Knochner ♦ showing 5 of 7 show 2 more comments |
could you please explain how that would help?
Hook your laptop interface up to the monitor port, hook the device w/ embedded stack onto the mirrored port, hook the uplink to the rest of your network. If you want your laptop interface to be passive, then bring it up sans IP address (Linux), or disable protocol/services (Windows).
thanks for your help. i'm a little lost with this network stuff.... will i still be able to send test-traffic to the tested device? which services would that be for windows?