Shareaza

Hello!

I need to analyze with wireshark all network packets that comes from shareaza and other p2p clients.
I stuck with bittorrent because when I run wireshark and set filter to bittorrent it's don't showing anything, but shareaza is downloading data. Only .torrent files are added to download. When I run Deluge and sets filter to bittorrent everything is ok, and bittorrent protocol packets are displayed. I turn off G1,G2, eD2k, DC++, to see only BT, but Gnutella packets are still sent and received. What I'm doing wrong or where can I find information about how shareaza is handling bittorrent?

Even if gnutella/G2 are disabled, Shareaza still handshakes with those networks if requested to. It only drops the connections thereafter. It's basically that Shareaza tells those networks "I am here, but I don't want to talk at the moment.". This makes it for example more easy to reconnect at a later time.

Maybe just for fun

@soop3k: try to filter by port that raza uses (it will give you at least packets from incoming tcp connections and all udp communication)