diff --git a/lib/services/protocol_blocking_service.dart b/lib/services/protocol_blocking_service.dart
index 9f9ff2c..7828f88 100644
--- a/lib/services/protocol_blocking_service.dart
+++ b/lib/services/protocol_blocking_service.dart
@@ -89,12 +89,8 @@ class ProtocolBlockingService {
       final tcpConnections = _parseConnections(tcpResult.stdout.toString(), 'tcp');
       final udpConnections = _parseConnections(udpResult.stdout.toString(), 'udp');
       
-      if (_scanCount % 100 == 0) {
-        print('🔍 Found ${tcpConnections.length} TCP + ${udpConnections.length} UDP connections');
-        // Debug: show first few connections to see the format
-        if (tcpConnections.isNotEmpty) {
-          print('Debug - First TCP connection: ${tcpConnections.first}');
-        }
+      if (_scanCount % 100 == 0 && _activePeerIPs.isNotEmpty) {
+        print('🔍 Monitoring ${_activePeerIPs.length} active peers: $_activePeerIPs');
       }
       
       for (final conn in [...tcpConnections, ...udpConnections]) {
@@ -211,16 +207,15 @@ class ProtocolBlockingService {
     try {
       print('📡 Capturing handshake for: $conn');
       
-      // Use tcpdump to capture only the first data packet (handshake)
-      final protocol = conn.protocol;
+      // Use tcpdump to capture packets on WireGuard interface specifically
       final process = await Process.start('timeout', [
         '2', // 2 second timeout
         'tcpdump',
-        '-i', 'any',
+        '-i', 'wg0',  // Monitor WireGuard interface specifically
         '-c', '1',  // Capture only 1 packet
         '-s', '200', // Capture first 200 bytes only
         '-x',        // Output in hex
-        '$protocol and host ${conn.remoteIP} and port ${conn.remotePort}',
+        'src ${conn.localIP} and dst ${conn.remoteIP}',
       ]);
       
       final handshakeData = <String>[];