How to use wireshark?

I’ve just installed wireshark on mate 16, and it says it can’t do anything. I’ve read the “how to capture” doc and it seems dumpcap needs root privileges. And yes if I “sudo dumpcap” I think I can get it to capture. It says it’s saved the capture to “output.pcapng”, But where is this? A caja search can’t find it.
In the old days I just manually selected which interface I wanted, hit capture and away it went, there was nothing complicated about it.
I answered the “allow non root users to capture” question with a yes so I’m surprised it needs root privileges.
I tried “sudo wireshark” but there’s no such command.

Any thoughts kind people?

Hi @decrepit,

I have no idea myself so try their FAQ’s here:

For Wireshark to work for non-root users, the wireshark group needs to be added to the user account.

  1. Go to Users & Groups (System → Administration)
  2. Click “Manage Groups”
  3. Select “wireshark” and open its properties.
  4. Tick your user account.
  5. Save, log out then log back in. :slight_smile:

i use this to get it working: sudo dpkg-reconfigure wireshark-common

Thanks guys, I followed lah7’s advice first and it’s up and running. I thought by the help files it would be something simple like that, But they assumed too much knowledge of how to manage groups.

1 Like