Questions tagged [wireshark]

123 questions
34 votes, 4 answers

How to trace networking activity of a command?

I want to trace the networking activity of a command; I tried tcpdump and strace without success. For example, if I am installing a package or using any command that tries to reach some site, I want to view that networking activity (the site it…
Buvanesh Kumar
20 votes, 1 answer

How to filter by host name in Wireshark?

A display filter of the form ip.src_host eq my.host.name.com yields no matching packets, but there is traffic to and from this host. The DNS name is resolved successfully, and filters using IP addresses like ip.src eq 123.210.123.210 work as expected.
Petr Gladkikh
11 votes, 2 answers

merge pcap files

I'm trying to merge 15 pcap files using Wireshark. The merging is successful. I'm using the appending function so that the second file is just added to the bottom of the first file. But when this is done, I get a -ve value in the time column. How can I change…
Jishnu U Nair
7 votes, 1 answer

Can't get Wireshark to run as user on CentOS

It's the first time I'm installing and configuring Wireshark in an rpm-based distro. In the past I've installed it properly on Ubuntu, Mint or Debian. Don't know why, but it seems I cannot run it as a standard user. I've done the process of creating…
user27807
6 votes, 2 answers

How to capture WOL packets?

I used sudo tcpdump -v -i eth0 ether proto 0x0842 or udp port 9 but didn't see anything when WakeMeOnLan from NirSoft wakes the computer. The same with Wireshark.
Dims
6 votes, 1 answer

How to capture src and dst traffic (both directions) with tcpdump, with one command?

I am using RedHat (6.5) bonding and my active interface is eth5. Running the following command, I'm not able to see the traffic originated by my NIC IP address: tcpdump -i eth5 src host actual_ip_address_of_external_client I'm only able to see the…
Selahattin
5 votes, 2 answers

Tc qdisc delay not seen in tcpdump recording

I have two Linux containers connected with a veth pair. At the veth interface of one container I set up tc qdisc netem delay and send traffic from it to the other container. If I watch traffic on both sides using tcpdump/wireshark it can be seen that…
JenyaKh
5 votes, 2 answers

How keyboard's drivers work on linux

I recently bought a new keyboard; it was cheap and of an unknown brand but I wasn't particularly worried. I found out that on Linux pressing shift, super, left-ctrl or left-alt with this keyboard made no difference; it always takes it as shift. I…
orlakio
5 votes, 2 answers

How to choose a response for interactive prompt during installation from a shell script

I am writing a shell script to install all my required applications on my Ubuntu PC in one shot (while I can take a stroll or do something else). For most applications, adding -y to the end of the apt-get install statement has worked well to avoid…
skrowten_hermit
4 votes, 1 answer

Tell tcpdump to skip custom header

I have an IP packet with x bytes of custom header coming in on an interface. Is there a way to tell tcpdump or tshark to ignore the first x bytes and decode and display the IP packet? Any pointers would be helpful; I don't want to write a custom…
Mike Ryan
4 votes, 0 answers

Is there a command like `time` that monitors the network traffic of commands?

I can use the time command to measure the time some command takes: time node -e "" node -e "" 0.06s user 0.01s system 92% cpu 0.076 total Is there a similar way to measure a command's network traffic (the bandwidth it used, the hosts it sent…
HappyFace
4 votes, 2 answers

Is tshark using different syntax with wireshark?

The filter !ssh works in Wireshark but not in tshark! When I do tshark '!ssh', it complains about the filter, so what's wrong here?
daisy
4 votes, 2 answers

How to gradually encrypt the tshark output file along the capture?

In order to secure a packet capture, which method would you use to make all (or close to all) past captured packets utterly inaccessible unless a given password is given? My habits are to mount an ecrypt partition mount -t ecryptfs /srv /srv to…
4 votes, 3 answers

zypper, how to install a package in local ~/bin directory

How do I install a package in my ~/bin directory using zypper? I first downloaded the package as root, and then tried to install it as non root, but that way it runs into dependency issues. # zypper in --download-only wireshark ... $ zypper -R…
Dinesh
3 votes, 1 answer

“tshark: There are no interfaces on which a capture can be done” in Amazon Linux AMI

My goal is to capture packets with tshark in Amazon Linux AMI. While typing tshark in the command line there's an error: "tshark: There are no interfaces on which a capture can be done" How to implement the solution from Wireshark setup Linux for…
rok