Tuesday, May 12, 2009 4:08 PMHello,
I want to capture the HTTP traffic on my computer. Both, the browser and the webserver are running on my computer.
Because I cannot find a way to specify this directly, I type the following term into the "Capture Filter" box:
( Tcp.DstPort == 80 or Tcp.DstPort == 8080 or Tcp.DstPort == 8084 )
The window "Display Filter" is empty and all Network Adapters are selected.
Then I click "Apply" and "Start".
In a browser window, I open the address http://localhost:8080/ where Tomcat is running. Now, the Network Monitor should display anything in the "Frame Summary" window.
But it does not. Why?
Tuesday, May 12, 2009 4:54 PMOwnerIf you start a trace with no filter at all, do you see traffic appear? It almost sounds like there's another problem here. If nothing appears in this case, please tell me what you see in the frame summary window, like are there columns visable (Frame Number, Time Offset, etc)?
Also your filter should capture traffic, but only in one direction. If you want to capture traffic in both directions you can use this filter instead.
( Tcp.Port == 80 or Tcp.Port == 8080 or Tcp.Port == 8084 )
Wednesday, May 13, 2009 7:18 AMThank you for your answer Paul,if I do not set any filter, I can see network traffic in the "Frame Summary" window. But I do not see any lines according to http://localhost:8080 - even without a filter.It seems that only network traffic to or from other computers is captured.RegardsWolfgang
Wednesday, May 13, 2009 1:50 PMOwner
That is true. I just noticed the "localhost" reference which I realize means you are hosting the web site local.
You might try this work around as we've had some success. If we try to add a route so that local packets are sent to the router, this could cause the packets to bounce back to your machine and this will let NM see the traffic. So simply do this command at a command prompt.
route add <IP Address of the server that you are on> <IP Address of default gateway of the server you are on>
If this works properly, you'll see the traffic though it will be duplicated. You can elimiate the traffic with a filter to not display the packets where the source ethernet address matches the router.
Please let me know if this works for you.
- Marked As Answer by wimwum Tuesday, May 19, 2009 2:09 PM
Tuesday, May 19, 2009 2:13 PMThank you, Paul
this works fine for real network adapters.RegardsWolfgang