Hello, can anyone help me how to capture traffic on port 8080 using wireshark? I use wifi connection and I type tcp.port == 8080 but there are no packets Thanks
asked 22 Aug '15, 09:41
edited 22 Aug '15, 11:39
Apart from the capture and display filter syntax difficulties, is the problem due to your WiFi network running in an encrypted mode? Are you trying to capture traffic from the device you're capturing on, or other devices on the same WiFi network?
If you leave the capture\display filters empty, what do you see?
answered 24 Aug '15, 12:48
You have to decide whether to use a /capture/ filter or a /display/ filter - the syntax is different between those two filter types. tcp port 8080 is /capture/ filter, but tcp.port == 8080 is /display/ filter.
First thing I would confirm is that I am using the right interface. To do this quickly and simply, I would click Capture > Interfaces and confirm which interface is receiving packets. Then select that interface and click the Start button.
Once the trace has started, then you should be able to use type your filter (the /display/ filter) into the filter toolbar in the Wireshark interface. Then you should /only/ see packets with a source or destination port 8080.
If you have confirmed you are tracing with the right interface and you have correctly typed your display filter, and you /still/ not seeing any packets, then the only thing to conclude is that those packets were never sent or received on your network interface. Then the picture changes and you need to reassess the situation.
answered 24 Aug '15, 11:33
edited 24 Aug '15, 11:35