Wireshark mailing list archives
Re: Question about Wireshark and the Windows Firewall
From: David Aldrich <David.Aldrich () EMEA NEC COM>
Date: Wed, 7 Mar 2012 08:51:52 +0000
Thanks for your answer. The problem is now resolved - the firewall rules were incorrectly setup. Group policy does not allow me to disable the firewall so it was harder to diagnose. David From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Tim.Poth () bentley com Sent: 02 March 2012 13:30 To: wireshark-users () wireshark org Subject: Re: [Wireshark-users] Question about Wireshark and the Windows Firewall Winpcap is what grabs the packets for Wireshark and it does see traffic before its evaluated by the windows firewall. If you are concerned about the firewall eating the traffic try turning it off and testing. Some endpoint protection products also can eat network traffic, if you have anything like that loaded you might want to look at its logs / config. Hope that helps tim From: wireshark-users-bounces () wireshark org<mailto:wireshark-users-bounces () wireshark org> [mailto:wireshark-users-bounces () wireshark org]<mailto:[mailto:wireshark-users-bounces () wireshark org]> On Behalf Of David Aldrich Sent: Friday, March 02, 2012 3:21 AM To: wireshark-users () wireshark org<mailto:wireshark-users () wireshark org> Subject: [Wireshark-users] Question about Wireshark and the Windows Firewall Hi We have written a 32-bit console application using Visual C++ Express 2008 that receives UDP packets on port 30000 from another (non-Windows) machine. When running on Windows XP our app receives the packets, but when running on Windows 7 it does not. I have configured Windows Firewall to open ports 30000-30002 to our application, so the packets should not be blocked. Wireshark shows that the packets are indeed arriving at the PC. What I am not sure of is whether they are getting through the firewall. On what side of the firewall does Wireshark snoop? If the packets are listed on Wireshark does it mean that they have got through the firewall? Any suggestions or answers would be appreciated. Best regards David Click here<https://www.mailcontrol.com/sr/KYOcPt4UG13TndxI!oX7Ui!B!9hWdHWJhhm32xLvEse6!Iu9atEqP7K!RQUNDk0KYvjIxlvyyZ4NWyQ1f1p+mg==> to report this email as spam.
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Question about Wireshark and the Windows Firewall David Aldrich (Mar 02)
- Re: Question about Wireshark and the Windows Firewall Tim.Poth (Mar 02)
- Re: Question about Wireshark and the Windows Firewall David Aldrich (Mar 07)
- Re: Question about Wireshark and the Windows Firewall Tim.Poth (Mar 02)