In my stress test using jmeter, I am trying to find out the root cause of connection reset, hostconnect exception and such errors on jmeter client. The only way I can think of is to capture the packets and see if I am getting tcp reqeusts and what response the server is sending.
However I am failing to write bpf filter, so that I just capture tcp 3 way handshake and first get request. I don't want to capture rest of the stuff, because I steram huge mp4 files in my test, which will simply bring down my capture machine, it incidentally is also my server under test.
Any ideas?
Wireshark forum has the exact question answered.
http://ask.wireshark.org/questions/15057/how-to-capture-tcp-3-way-handshake
Really interesting solution.