How to set promiscuous mode and determine inbound traffic


https://ufile.io/l9xqze2v wireshark.pcap
iptables.sh https://ufile.io/v9hsadna
Look at my iptables: which config will drop traffic in Wireshark?
How to configure promiscuous mode and understand which traffic is inbound to Wireshark, or inbound at all?

gapwalker
asked 2021-05-05 10:35:46 +0000
grahamb
updated 2021-05-05 11:42:53 +0000

1 Answer

To determine inbound traffic you should disable promiscuous mode as that allows traffic that wouldn't normally be accepted by the interface to be processed. This is done from the Capture Options dialog.

To determine inbound traffic, set a display filter to only show traffic with a destination of your interface(s) MAC address(es), e.g.

eth.dst == 00:11:22:33:44:55

substituting the appropriate value for your NIC MAC.

grahamb
answered 2021-05-05 11:47:43 +0000
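
An added example, not part of grahamb's answer: a Python sketch that applies the same destination-MAC test to raw Ethernet II frames, and goes one step further by also labelling broadcast and multicast frames, which a NIC can accept but `eth.dst == <NIC MAC>` alone does not match. It assumes Ethernet II framing; every MAC other than the answer's placeholder and all sample frames are constructed.

```python
import struct
from collections import Counter

BROADCAST = b"\xff" * 6

def mac_bytes(text):
    """Convert 'aa:bb:cc:dd:ee:ff' into 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 6-byte MAC address: {text!r}")
    return raw

def classify_frame(frame, nic_mac):
    """Classify one raw Ethernet II frame relative to the capturing NIC."""
    if len(frame) < 14:
        return "truncated"
    dst, src, _ethertype = struct.unpack("!6s6sH", frame[:14])
    if src == nic_mac:
        return "outbound"
    if dst == nic_mac:
        return "inbound-unicast"    # what eth.dst == <NIC MAC> matches
    if dst == BROADCAST:
        return "inbound-broadcast"  # e.g. ARP requests; missed by that filter
    if dst[0] & 0x01:
        return "multicast"          # group bit set; NIC accepts only joined groups
    return "promiscuous-only"       # unicast for another station

def frame(dst, src, ethertype, payload=b"\x00" * 46):
    """Build a constructed sample frame (not taken from the poster's pcap)."""
    return mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload

NIC = mac_bytes("00:11:22:33:44:55")   # placeholder MAC from the answer
SAMPLES = [                            # constructed frames
    frame("00:11:22:33:44:55", "02:00:00:00:00:01", 0x0800),
    frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:01", 0x0806),
    frame("01:00:5e:00:00:fb", "02:00:00:00:00:02", 0x0800),
    frame("02:00:00:00:00:02", "02:00:00:00:00:01", 0x0800),
    frame("02:00:00:00:00:01", "00:11:22:33:44:55", 0x0800),
    b"\x00" * 10,
]

def summarise(frames, nic_mac):
    """Count frames per class."""
    return Counter(classify_frame(f, nic_mac) for f in frames)

if __name__ == "__main__":
    for label, count in sorted(summarise(SAMPLES, NIC).items()):
        print(f"{label:18} {count}")
```

Frames labelled `promiscuous-only` are the ones that appear in a capture only because promiscuous mode is enabled.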

Comments

How to understand how many invisible interfaces there are at the physical level?
And how many Linux network interfaces are in standard mode?
Where can I download a pcap of the ARP protocol, and how many protocols work behind a Linux iptables drop-all script without ARP?
And how to understand whether this promiscuous traffic, which goes through the interface and Wireshark, is dropped?

gapwalker (2021-05-05 12:46:58 +0000)