2011年10月31日 星期一
Enabling VLAN tag capture for Broadcom Ethernet Adapter
There is a registry key under HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\00xx that can be set to cause the driver and chip not to strip the 802.1Q headers. In order to set that key, you need to find the right instance of the driver in Registry Editor and set that key for it. You can do this by doing following:
1. Run the Registry Editor (regedit)
2. Hit CTRL+Home to go to the top of the registry
3. Hit F3 to bring up a search
4. Search for TxCoalescingTicks - actually a search for txcoal will do
This should take you to something like:
HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\00xx
5. Right-click on a bit of white space near the TxCoalescingTicks field.
6. Enter "PreserveVlanInfoInRxPacket" –
a. Then highlight the text PreserveVlanInfoInRxPacket and copy it to the clipboard – you’ll need it again later.
7. Give the newly created field (PreserveVlanInfoInRxPacket) the value "1".
8. Hit F3 to repeat the search – goto step 5 again. Repeat until you reach the beginning again.
9. Reboot the PC
REF:www.cisco.com/en/US/prod/voicesw/custcosw/ps5693/ps14/prod_system_requirements0900aecd800e3149.pdf
Also: http://wiki.wireshark.org/CaptureSetup/VLAN
--------------------------------------------------------------------------------------------------------------
某台伺服器上要跑一個軟體用pcap抓封包,系統用的是Windows,但是Windows下的驅動過濾了8021q的協議header,導致軟體不能正常工作。 Google了一下, Wireshark的Wiki說要改註冊表
但是經過測試,他給出的方法不能用,至少在現在的驅動上不行。 文章中提示的TxCoalescingTicks在註冊表裡面根本找不到!!
在驅動文件bxvbda.sys裡找到了“keep_vlan_tag”的字樣,於是順藤摸瓜發現了這個位置:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}\0051 最後這個數字可能不太相同,不過可以搜索“*ReceiveBuffers”試試看。
找到這個鍵值以後就好說了,添加一個REG_SZ 名稱為keep_vlan_tag 值為1的項,重啟。 就可以在Wireshark裡抓到VLAN TAG了。
就是這樣。 驅動版本是5.2.14.0 網卡是Broadcom BCM5708C NetXtreme II
訂閱:
文章 (Atom)
How to repair and clone disk with ddrescue
ddrescue is a tool that can be used to repair and clone disks on a Linux system . This includes hard drives, partitions, DVD discs, flas...
-
from: https://www.wpgdadatong.com/tw/blog/detail?BID=B0594 一. PHY包含的各個子層 : PCS:編碼和解碼 PMA:串行器和反序列化器 PMD:取決於物理介質 Firgure 1: OSI模型裡示意...
-
From: http://blog.chinaaet.com/justlxy/p/5100064818 SMI:串行管理接口(Serial Management Interface),通常直接被稱為MDIO接口(Management Data Input/Output I...
-
在 前面我們所談的那些可以說是比較基本的東西,但是對於一份文件來說,光有前面所介紹的游標移動、刪除等等功能是不足夠的。面對一份文件我們通常會因為某些 緣故而使得我們必須去修改當中固定出現的字串樣式(pattern)成我們想要的樣子。最常遇到的就像中文文件的標點符號問題,或是 un...