Hi there,
Today’s post is going to be short and sweet. I ran into an issue while trying to use Wireshark to capture packets on an Ubuntu machine. After performing my “sudo apt-get install wireshark” and successfully watching Wireshark download and install, I ran into an error stating “There are no interfaces on which a capture can be done”.
Surely this could not be correct. Well, it turns out, once I performed a “sudo wireshark” and entered my password, I was able to list the correct interfaces to capture on. I did receive a warning that it was not recommended to run Wireshark as root accompanied with a README.Debian document located at /usr/share/doc/wireshark-common. After skimming through this document, I was told that I had to allow non-root users to capture packets on interfaces and have the users added to the wireshark group. After a quick google search, I was able to find the answer on the Ask Wireshark website. The setup was complete by performing the following actions. When prompted “Should non-superusers be able to capture packets“, I answered yes:
derrick@TPA-MGMT01:~$ sudo dpkg-reconfigure wireshark-common
[sudo] password for derrick:
derrick@TPA-MGMT01:~$ sudo usermod -a -G wireshark $USER
derrick@TPA-MGMT01:~$ sudo reboot
I’m sure this is one that I’ll have to refer to again. Hopefully it helps someone else out who may find themselves in the same boat!