Topic: New to this stuff, just seeing how it fits (iPhone, wifi-router, Win box proxy)

monkeywrench

  Hmmm, I'm not completely new to networking concepts, but I'm mostly familiar with the hardware side of things.  A small wifi network setup looks like...
  There's the wifi router. I'm guessing that this acts as the gateway for all internet traffic between the internet and the much smaller WLAN. So, then after the wifi router, and looking from the internet side (perspective-wise), there's a Win10 box with Wireshark installed on it. From what I understand (maybe it's correct), Wireshark can only capture packets of info that run across the same device that it's installed on (so that would mean the Win10 box, and not the wifi router).

  But, I have an iPhone with no other capability than to go into its wifi settings, enter a few tidbits of info, and then it'll call home or wherever, and return a response.

  I think that by default, the iPhone's traffic would detour around the Win10 box, and head straight for the wifi router (gateway), to then go through it and then eventually reach its final destination somewhere on the internet. Then, it gets its response after it talks to whichever computer it talks to, before the response packets head back through the wifi router, and to the iPhone.

  Now, this is where things start to really make me scratch my head (as if I wasn't before).  The way that I thought it worked was that I would be unable to see any of the iPhone's traffic, because it didn't pass through my machine (the Win10 box). But, just out of curiosity and the fact that I'm getting reacquainted with Wireshark's GUI, I ran a capture with it on the 'Wireless Network Connection' and the 'Npcap Loopback Adapter', since these were the only two interfaces that showed any activity. In the results, I was able to find some info that was related to 'Apple', so I'm guessing that that's the iPhone's traffic. But, the protocol that was used by those packets was always ARP. I had read (and expected) that all iOS traffic would use either TCP and/or UDP.

  Anyways, figuring that I could get a much better capture if I could somehow make the iPhone's traffic go through the Win10 box so that Wireshark could see it better, I did some more nosing around. One of my options (I think) is to configure the Win10 box to be a proxy, and then configure the iPhone's traffic to go through the Win10 box, before it heads to the wifi router and beyond.

  My question is, does the above option of configuring the Win10 box to be a proxy sound like a viable solution that would then let me run a Wireshark capture and see any iOS traffic? If it sounds doable, are there any capture filters or display filters that I might consider using to lessen the 'noise' I might otherwise have to sift through?

  The iPhone is an iPhone XR with iOS 12.2 on it (if that matters).

 
