wireshark Loopback capture setup

From :

http://wiki.wireshark.org/CaptureSetup/Loopback

 

@++++++++++++++++++++++++++++++++++

Alternatives

 

A commercial network sniffer called CommView (from TamoSoft) allows to capture packets on the localhost network adapter but it dissects fewer protocols, so you can capture packets with CommView and save them into a file and open it with Wireshark.

An other alternative is to add a route to your local machine going through the network gateway:

route add <your_IP> mask 255.255.255.255 <the_gateway> metric 1

 

with <your_IP> being different from 127.0.0.1. It should (has to) be the result of ipconfig command (ip address field) <the_gateway> has to be the default gateway field taken from ipconfig /all result.

Doing so, every network traffic from your machine to itself will use the physical network interface, it will then go to the gateway, back to you. Therefor, you will see each packet twice, but it can be filtered on the view.

Be careful, since your machine will use the actual network to talk to itself, it may overload the network. It may be wise to remove the new route once you are done with the tests:

route delete <your_IP>