2
1
I am developing a python messenger client but I feel this is more targeted to superuser than StackOverflow. My server application seems not to get the data sent from time to time, so I want to see what exactly is being sent each time over a specific port such as 42222. I tried wireshark but I am having trouble filtering data on this port specifically.
5
Your WireShark solution will work, you just need to use the correct filter:
port 42222
You may want to read the WireShark wiki on capture filters, there is an abundance of useful filters you can use.
John T
Posted 2009-09-05T18:30:43.373
Reputation: 149 037
2
Download and run Nirsoft's SmartSniff (it's 'portable', so no installation required), press CTRL + F8 to open the Filter and enter the folowing line:
include:local:tcp:42222
now adjust the Options (e.g. Display Capture Time, Display Outgoing Data, etc.) to your likings. you may create a HTML report from the View menu.
if you specify only the source port you won't be able to see replies, and if you only specify dest port you won't see requests – nos – 2009-09-05T21:45:17.257
@nos, ahhh, don't know what I was thinking... You're absolutely right. (To avoid confusion, I removed my earlier comment assuming "that only a local or remote port is to be monitored".) By the way: a similar display filter would read
tcp.port eq 42222 or udp.port eq 42222(where things liketcp.dstportwould only show part of the communications, like @nos noted). – Arjan – 2009-09-06T14:38:41.460