Installation of Wireshark: $ sudo apt-get install wireshark If you run wireshark as a non root use
Installation of Wireshark:
$ sudo apt-get install wireshark
If you run wireshark as a non root user at this stage, you will get
the message “No interface can be used for capturing in this system with the current configuration.”.
The following steps will rectify this.
1) Create the wireshark group.
$ sudo groupadd wireshark
2) Add your username to the wireshark group
$ sudo usermod -a -G wireshark YOUR_USER_NAME
3) Change the group ownership of file dumpcap to wireshark
$ sudo chgrp wireshark /usr/bin/dumpcap
4) Change the mode of the file dumpcap to allow execution by the group wireshark
$ sudo chmod 750 /usr/bin/dumpcap
5) Grant capabilities with setcap, man capabilities(7), setcap(8), cap_from_text(3) for more info about what are "cap_net_raw", "cap_net_admin" and "eip". Anyway, after we grant the capabilities, the dump can perform various network-related operations, use RAW and PACKET sockets; bind to any address for transparent proxying.
$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
6) Verify the change
$ sudo getcap /usr/bin/dumpcap
Output should be like below:
$ /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
7) At this point, you will need to log out, then back into ubuntu
