I have recently been using Wireshark to determine network activity when using multicasting; it has proved invaluable in helping to track down some application features.
Wireshark is a great free tool available from http://www.wireshark.org/
Use Wireshark to sniff the network.
To start a trace:
- Define a filter (see the examples below).
- Menu: Capture/Interfaces. Select the interfaces you wish to trace.
- Press Start.
The filter is all-powerful; change it to do what you need!
Examples
Trace UDP traffic only for a defined port
Here, we want to trace all UDP traffic on ports 7980 and 6980.
So, the filter will be "udp.port==7980 or udp.port==6980"
Show all traffic originating from a given IP and being sent to another IP
Set the filter to be ip.dst==xxx.xxx.xxx.xxx&&ip.src==xxx.xxx.xxx.xxx
Example
E.g. ip.dst==230.6.8.1&&ip.src==172.27.98.15, i.e. I used this example to show all traffic sent from my source machine (.15) onto the multicast pool address (230.6.8.1).
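The two filters above, re-implemented over raw frames as an added example (not part of the original post) to show exactly which packets each one selects. The frames are constructed, and the addresses 172.27.98.16 and 172.27.98.20 and the ports 40000, 50000 and 5353 are made up for illustration. Note that udp.port matches either the source or the destination port.

```python
import socket
import struct

def build_frame(src, dst, sport, dport, payload=b"x"):
    """Build a constructed Ethernet/IPv4/UDP frame (checksums left at 0)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 1, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + struct.pack("!H", 0x0800) + ip + udp

def parse_frame(frame):
    """Return (src, dst, sport, dport) for an IPv4/UDP frame, else None."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None                      # too short, or not IPv4
    ihl = (frame[14] & 0x0F) * 4         # IPv4 header length in bytes
    if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 17:
        return None                      # malformed header, or not UDP
    if len(frame) < 14 + ihl + 8:
        return None                      # truncated UDP header
    sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
    return (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
            sport, dport)

def match_udp_ports(pkt, ports=(7980, 6980)):
    """udp.port==7980 or udp.port==6980 (source OR destination port)."""
    return pkt is not None and (pkt[2] in ports or pkt[3] in ports)

def match_src_dst(pkt, src="172.27.98.15", dst="230.6.8.1"):
    """ip.dst==230.6.8.1&&ip.src==172.27.98.15"""
    return pkt is not None and pkt[0] == src and pkt[1] == dst

# Constructed sample traffic, not a real capture.
FRAMES = [
    build_frame("172.27.98.15", "230.6.8.1", 40000, 7980),     # sender to group
    build_frame("172.27.98.15", "230.6.8.1", 6980, 50000),     # source port only
    build_frame("172.27.98.16", "230.6.8.1", 40000, 7980),     # a second sender
    build_frame("172.27.98.15", "172.27.98.20", 40000, 5353),  # unicast, other port
]

def run_filters(frames=FRAMES):
    """Return the frame indexes selected by the port filter and the IP filter."""
    pkts = [parse_frame(f) for f in frames]
    return ([i for i, p in enumerate(pkts) if match_udp_ports(p)],
            [i for i, p in enumerate(pkts) if match_src_dst(p)])

if __name__ == "__main__":
    print(run_filters())
```

The port filter selects frames 0 to 2, including the one where only the source port matches, while the address filter selects only the frames sent from .15 to the multicast group.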