diff --git a/doc/wireshark.pod b/doc/wireshark.pod
index a8472e0210..6fa570edb2 100644
--- a/doc/wireshark.pod
+++ b/doc/wireshark.pod
@@ -1615,7 +1615,7 @@ The I<Filter:> text entry lets you set a capture filter expression to be
 used when capturing.
 
 If any of the environment variables SSH_CONNECTION, SSH_CLIENT,
-REMOTEHOST, DISPLAY, or CLIENTNAME are set, Wireshark will create a
+REMOTEHOST, DISPLAY, or SESSIONNAME are set, Wireshark will create a
 default capture filter that excludes traffic from the hosts and ports
 defined in those variables.
 
diff --git a/docbook/wsug_src/WSUG_chapter_capture.xml b/docbook/wsug_src/WSUG_chapter_capture.xml
index 54218a12bd..ad0e3d0366 100644
--- a/docbook/wsug_src/WSUG_chapter_capture.xml
+++ b/docbook/wsug_src/WSUG_chapter_capture.xml
@@ -998,7 +998,7 @@ tcp port 23 and not host 10.0.0.5
 	  </listitem>
 	</varlistentry>
 	<varlistentry>
-	  <term><command>CLIENTNAME</command> (terminal server)</term>
+	  <term><command>SESSIONNAME</command> (terminal server)</term>
 	  <listitem>
     <para>	
    	&lt;remote name>
diff --git a/util.c b/util.c
index ed79b9aea7..36a579305e 100644
--- a/util.c
+++ b/util.c
@@ -134,7 +134,7 @@ compute_timestamp_diff(gint *diffsec, gint *diffusec,
    SSH_CLIENT (ssh): <remote IP> <remote port> <local port>
    REMOTEHOST (tcsh, others?): <remote name>
    DISPLAY (x11): [remote name]:<display num>
-   CLIENTNAME (terminal server): <remote name>
+   SESSIONNAME (terminal server): <remote name>
  */
 
 const gchar *get_conn_cfilter(void) {
@@ -174,9 +174,21 @@ const gchar *get_conn_cfilter(void) {
 				host_ip_af(tokens[0]), tokens[0]);
 			return filter_str->str;
 		}
-	} else if ((env = getenv("CLIENTNAME")) != NULL) {
-		g_string_sprintf(filter_str, "not tcp port 3389");
-		return filter_str->str;
+	} else if ((env = getenv("SESSIONNAME")) != NULL) {
+        /* Apparently the KB article at
+         * http://technet2.microsoft.com/WindowsServer/en/library/6caf87bf-3d70-4801-9485-87e9ec3df0171033.mspx?mfr=true
+         * is incorrect.  There are _plenty_ of cases where CLIENTNAME
+         * and SESSIONNAME are set outside of a Terminal Terver session.
+         * It looks like Terminal Server sets SESSIONNAME to RDP-TCP#<number>
+         * for "real" sessions.
+         *
+         * XXX - There's a better way to do this described at
+         * http://www.microsoft.com/technet/archive/termsrv/maintain/featusability/tsrvapi.mspx?mfr=true
+         */
+		if (g_strncasecmp(env, "rdp", 3) == 0) {
+			g_string_sprintf(filter_str, "not tcp port 3389");
+			return filter_str->str;
+		}
 	}
 	return "";
 }