Wireshark-users: Re: [Wireshark-users] I am unable to stop an active capture
From: Leon Goldman <leon244@xxxxxxxxxxx>
Date: Tue, 25 Nov 2014 16:00:06 -0500
Thank you. Sadly, neither change in the preference worked. I am not
prepared to build 1.12 from source and my distribution only has rpm for
1.10. I will just do it from a dumpcap -w <filename> which is easeier to
stop and then view the file in wireshark. A simple enough work around
for me.
Leon On 11/25/2014 03:41 AM, Anders Broman wrote:
If you are capturing on a heavily utilized link a workaround could be to "untick" the "Update list of packets in real time" and "Automatic scrolling in live captures" under preferences->capture. Wireshark 1.12.x is the latest version which may work better... Regards Anders -----Original Message----- From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Leon Goldman Sent: den 24 november 2014 23:19 To: wireshark-users@xxxxxxxxxxxxx Subject: [Wireshark-users] I am unable to stop an active capture I recently installed wireshark on my linux system. I run Mageia3 I followed the guidance at http://wiki.wireshark.org/CaptureSetup/CapturePrivileges, but following the directions under "Setting network privileges for dumpcap" or "Limiting capture permission to only on group" did not allow wireshark to be run as a user. It does run as root and cannot be stopped without killing the app. I setuid on dumpcap to run wireshark gui as a user and that works, but after I begin a capture I am unable to stop it with the 'Stop' button or by doing Ctrl-E. I have to go in and kill the pid. wireshark -v shows: wireshark 1.10.11 (Git Rev Unknown from unknown) Compiled (64-bit) with GTK+ 3.6.4, with Cairo 1.12.12, with Pango 1.32.5, with GLib 2.34.3, with libpcap, with libz 1.2.7, with POSIX capabilities (Linux), with libnl 3, with SMI 0.4.8, without c-ares, without ADNS, with Lua 5.1, without Python, with GnuTLS 3.1.16, with Gcrypt 1.5.4, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jan 13 2013), without AirPcap. Running on Linux 3.10.60-desktop-1.mga3, with locale en_US.UTF-8, with libpcap version 1.3.0, with libz 1.2.7, GnuTLS 3.1.16, Gcrypt 1.5.4. Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz Built using gcc 4.7.2. Advice on how to stop an active capture without resorting to the kill command would be most appreciated. Thank you. -- Leon ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
- References:
- [Wireshark-users] I am unable to stop an active capture
- From: Leon Goldman
- Re: [Wireshark-users] I am unable to stop an active capture
- From: Anders Broman
- [Wireshark-users] I am unable to stop an active capture
- Prev by Date: Re: [Wireshark-users] I am unable to stop an active capture
- Previous by thread: Re: [Wireshark-users] I am unable to stop an active capture
- Index(es):