Home General / Other Generating Traffic Captures for Voxility (DDoS False Positives)

Generating Traffic Captures for Voxility (DDoS False Positives)

Last updated on Dec 16, 2025

If you are unable to connect to your website or hosting services, our DDoS mitigation system (Voxility) may be incorrectly blocking your connection. To resolve this, we need a Packet Capture (PCAP) from your local machine. This file shows us exactly how your traffic is being handled so we can "whitelist" your connection pattern.

📋 Prerequisites

  • You must run this test from the same computer and network that is experiencing the connection issue.

  • You will need the IP address of your server (provided by our support team).

🪟 Windows Instructions

The easiest way to capture traffic on Windows is using Wireshark.

  1. Download & Install: Download Wireshark from wireshark.org.

  2. Select Interface: Open Wireshark. You will see a list of interfaces (Wi-Fi, Ethernet). Double-click the one showing activity.

  3. Set Filter: In the "Enter a capture filter" box at the top, type: host YOUR_SERVER_IP (Replace with your actual server IP).

  4. Set Stop Limit: * Go to Capture > Options > Options Tab.

    • Check "Stop capture automatically after..." and set it to 10000 packets.

  5. Start & Reproduce: Click Start. While it is running, try to refresh your website or access your service 3–4 times in your browser.

  6. Save: Once it stops (or after 60 seconds), go to File > Save As and save it as a .pcap file.

🍎 macOS Instructions

macOS users can use the built-in Terminal without installing extra software.

  1. Open Terminal: (Command + Space, type "Terminal").

  2. Find your Interface: Type networksetup -listallhardwareports to see if you are using en0 (usually Wi-Fi) or en1.

  3. Run the Capture: Copy and paste the following command (replace en0 if needed and YOUR_SERVER_IP with the server IP):

    Bash

    sudo tcpdump -i en0 -c 10000 -p -w connection_test.pcap host YOUR_SERVER_IP

  4. Authenticate: Enter your Mac password when prompted.

  5. Reproduce: While the terminal is "waiting," try to access your website in your browser. The command will finish automatically once it hits the packet limit.

  6. Submit: The file connection_test.pcap will be saved in your user folder.

🐧 Linux Instructions (Desktop/Local)

Most Linux distributions have tcpdump installed by default.

  1. Open your Terminal.

  2. Run the Capture: Use the following command (replace eth0 with your interface name, e.g., wlan0 for Wi-Fi):

    Bash

    sudo tcpdump -i eth0 -c 10000 -w local_capture.pcap host YOUR_SERVER_IP

  3. Reproduce: Try to connect to your website/service. The capture will automatically stop after 10,000 packets.

  4. Submit: Find local_capture.pcap in your current directory.

📤 Submitting Your Results

To help us resolve the block quickly, please attach the resulting file to your support ticket and include the following:

  • Your Public IP Address: (Visit whatsmyip.org to find this).

  • The Timestamp: What time (and timezone) did you perform this test?

  • The Error: What specific error do you see in your browser (e.g., "Connection Timed Out")?