I'm currently using Wireshark 2.2.1 on my MBP (running OSX 10.9.5).

I'm trying to look at packets when I visit/log into our Jenkins server to prove something. Our Jenkins server is not running SSL, which is an important point later.

For the capture filter, I left it blank. I also selected promiscuous mode for my selected interface (USB Ethernet). All other interfaces are disabled. I saw tons of packets come through when I started the capture.

I visited and logged into our Jenkins server and then stopped the capture. I then went to the display filter and typed

ip.addr == 10.10.10.10 and tcp

It shortened the list of packets, but it didn't show any traffic from my MBP to the Jenkins server. After the display filter was applied, all the remaining packets showed ip addr == 10.10.10.10 communicating with a Cisco router. Looking at the contents, they don't look to contain my Jenkins credentials. Also, looking some more, there is some TLSv1 traffic happening between the MBP and the Cisco router, but TLSv1/SSL is not enabled for the Jenkins server.

I don't know how the network is set up between my desk and our Jenkins server (the Jenkins server is at some remote server farm), but I thought capturing all packets and then applying a display filter on my MBP's ip addr would show all packets between my laptop and whatever it communicated with. What am I doing wrong that's not capturing or not displaying packets from my laptop to the Jenkins server? Or is this a network topology issue that I wouldn't be able to get around unless my laptop and Jenkins server were connected on the same switch?

1 Answer

Stupid me. One small piece of info that might have helped is that I'm connected via VPN. Like I said above, I turned off wireless and was sniffing on the USB Ethernet interface, but my co-worker told me to sniff on utun0, AKA the VPN tunnel. After sniffing on the tunnel interface, it worked for me. I was able to see the password before turning on HTTPS and not see it after.

Hope this helps the next person, or helps me in the future if I forget about sniffing the utun0 VPN tunnel interface.
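
An added example, not part of the original question or answer: a way to find out before capturing which interface actually carries traffic to a host, by reading the `interface:` line of macOS `route -n get`, and to build the matching `tshark` command. The address 192.0.2.10 is a placeholder for the Jenkins server, the function names are hypothetical, and the sample route output is constructed.

```shell
#!/bin/sh
# Constructed sample of macOS `route -n get <host>` output with a VPN connected.
SAMPLE_ROUTE_OUTPUT='   route to: 192.0.2.10
destination: 192.0.2.0
       mask: 255.255.255.0
  interface: utun0
      flags: <UP,DONE,STATIC,PRCLONING>'

# Read `route -n get` output on stdin and print the egress interface name.
egress_interface() {
    awk '$1 == "interface:" { print $2; exit }'
}

# Succeeds when the interface name looks like a tunnel device.
is_tunnel() {
    case "$1" in
        utun*|tun*|tap*|ppp*|ipsec*) return 0 ;;
        *) return 1 ;;
    esac
}

# plan_capture HOST ROUTE_OUTPUT
# Prints the tshark command for the interface the route really uses.
plan_capture() {
    iface=$(printf '%s\n' "$2" | egress_interface)
    if [ -z "$iface" ]; then
        echo "no interface found in route output for $1" >&2
        return 1
    fi
    if is_tunnel "$iface"; then
        # On the physical NIC this traffic appears only as encrypted
        # packets exchanged with the VPN gateway.
        echo "note: $1 is reached through tunnel $iface" >&2
    fi
    printf 'tshark -i %s -f "host %s and tcp" -Y http.request\n' "$iface" "$1"
}

# Live use on the Mac: pass the server address as the only argument.
if [ "$#" -gt 0 ]; then
    plan_capture "$1" "$(route -n get "$1")"
fi
```

With no VPN route in place the same lookup returns the physical interface instead, so the printed command follows whatever path the packets take at that moment.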
