Hi, I got a problem using Wireshark.
I am writing an app which connects to a device via UDP protocol and receives some of its data. I could really use knowledge of what I am sending and receiving, since there is something wrong with the app.
While I am connected to the Internet, Wireshark works just fine, but when I switch the cable to connect to the device I cannot capture anything (well, there is something, but I can't see the packets I am sending using the app). How can I do that? Sorry if this is a very basic question, but I am a total newbie in this sort of things.
asked 06 Apr '13, 13:37
edited 08 Apr '13, 08:59
you probably need to disable DHCP on that interface and set the IP address (and netmask) manually to something that is in the same range as the external device.
Did you check your IP settings on the Windows box, while you are connected to the external device?
Can you also post the output of that command here?
Do you get an ARP entry for the IP address you are pinging (CLI: arp -a). If there is no ARP entry,
answered 08 Apr '13, 06:35
Kurt Knochner ♦
edited 08 Apr '13, 07:27
OK, you connect your device with a cable to your labtop on which you have your application and wireshark running.
Troubleshooting is best done from the ground up. So, first check whether you have a link at the ethernet level. Does both your laptop and uC show that the interface is up? Either by lighting a led or by checking in the settings (laptop only)? If not, you most likely have to use an ethernet cross-cable, as you are attaching two MDI devices to each other.
OK, once you have a link, you can try to see whether the device is reachable by pinging its IP address. Don't worry is you don't get a response, since it is an uC, it might not respond. However, it should have answered your arp request with an arp response (look in the wireshark trace) and on the command line of your laptop, you should see the mac-address of the uC listed with the IP address when you give the command "arp -a".
Once these two steps succeed, you know the device is reachable and you can start working on your test application and wireshark should show you all packets being sent from your application (assuming you choose the correct interface to capture on).
answered 07 Apr '13, 03:04
When you say there are "sth" packets, I assume you mean "stp" packets (as there are no fields in wireshark starting with sth). STP packets are spanning-tree BPDU's used by a switch to prevent network loops, so I assume you connect to your "device" through a switch.
When using a switch, you will only see packets to and from your own device and broadcasts. So it is normal that you don't see any packets to and from your "device". You will need to use a real hub or configure port mirroring on the switch to be able to see packets for your "device".
If my assumption is not right, then please add a comment to your question with a detailed description of your network setup.
answered 07 Apr '13, 01:03