Wireshark (Ethereal) and WRT54GL

Discussion in 'Networking Issues' started by unionchurch, Jan 7, 2007.

  unionchurch

    unionchurch

    I've been trying to use Wireshark (Ethereal) on a Linux box to sniff packets to/from other PCs plugged into the same bank of 4 LAN ports on the back of WRT54GL. I can only see packets to/from the Linux box itself, or broadcasts. I am aware of the need to run the Wireshark software in promiscuous mode to make this work, and I am doing that (supposedly).

    It occurred to me, could it be that the 4 LAN ports on the WRT54GL router are NOT equivalent to an unswitched hub, which would an explanation why this isn't working.

    The router is running DD-WRT but I don't think that is relevant.
  Toxic

    Toxic

    the WRT54GL's LAN ports are connected to a switch. switches differ from hubs as they are intellegent, they keep a record of MAC addresses on each port, so these then send the correct packet via the correct port.

    A Hub on the other hand sends broadcasts via each port as it doesn't know where the recipent is on any port.

    more info here: http://www.smallbusinesscomputing.com/webmaster/article.php/3498476
