![]() Everything I can find says to set the perms and caps on dumpcap, and I should be able to see ethernet interfaces inside Wireshark. If I run it as my normal user, all I see are ciscodump, dpausmon, ranpkt, sdjournal, sshdump and udpdump. ![]() This option sets the name of the savefile to be used when saving a capture file. Step-7: Select 'Authentication' tab and enter the user credential. Select 'Server' tab and type the remote server IP address and SSH port. Step-6: Click 'SSH remote capture' and following window opens. If I run wireshark via sudo, I see the local network interfaces. The -v option requests Wireshark to print out its version information and exit. Step-5: Launch Wireshark and you will see some new tools such as 'Cisco remote capture' and 'SSH remote capture'. usr/bin/dumpcap cap_net_admin,cap_net_raw=eip ![]() rwsr-x- 1 root wireshark 116928 Jun 7 15:16 /usr/bin/dumpcap Tty network wireshark libvirt docker users uucp optical disk audio wheel ddjones Permissions on dumpcap are set, and setcap run (several times.) I can run dumpcap directly via CLI from my normal user and capture packets: ╰─❯ groups ![]() I am a member of the network and the wireshark groups, and have not only logged out but have completely rebooted the computer since adding myself to those groups. tshark -version TShark (Wireshark) 2.6.2 (v2.6. In case you wish to use the command line Wireshark tools use the tshark command. Launch the Wireshark GUI application from the Activities menu by searching for wireshark. Running Arch linux, wireshark installed via pacman. To install Wireshark command line tool only execute: dnf install wireshark-cli. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |