In addition to the above, I couldn't save the captured file in a custom location when I run on `sudo` from '
./run/wireshark'.
Folks, could you confirm that I am writing this query on the `
wireshark-dev@xxxxxxxxxxxxx` email group which is the correct place for this type of debugging?
Fellow Devs,
After building the Wireshark 4.5 via '
make' and running it via '
./run/wireshark' on Ubuntu 22.05 LTS, I cannot capture packets, if not logged in via super user. I am getting the standard error message after running the Wireshark capture on my USB UE200 to RJ45 adapter -
** (wireshark:7239) 22:39:55.600958 [Capture MESSAGE] -- Capture Start ...
** (wireshark:7239) 22:39:55.656119 [Capture MESSAGE] -- Error message from child: "You do not have permission to capture on device "enx503eaa96213f".
(socket: Operation not permitted)", "Please check to make sure you have sufficient permissions.
On Debian and Debian derivatives such as Ubuntu, if you have installed Wireshark from a package, try running
sudo dpkg-reconfigure wireshark-common
selecting "<Yes>" in response to the question
Should non-superusers be able to capture packets?
adding yourself to the "wireshark" group by running
sudo usermod -a -G wireshark {your username}
and then logging out and logging back in again.
If you did not install Wireshark from a package, ensure that Dumpcap has the needed CAP_NET_RAW and CAP_NET_ADMIN capabilities by running
sudo setcap cap_net_raw,cap_net_admin=ep {path/to/}dumpcap
and then restarting Wireshark.
getcap ./dumpcap returned
./dumpcap cap_net_admin,cap_net_raw=ep
Any recommendations?
Thanks,
Mayank Bhaskar
Independent Machine Learning Consultant