Configure Wireshark on Ubuntu
By default, wireshark can not be run as a non-root user when attempting to capture traffic on an interface. The following steps can rectify this issue:
- Install Wireshark1sudo apt-get install wireshark
- Create a wireshark group1sudo groupadd wireshark
- Add your username to the wireshark group1sudo usermod -a -G wireshark YOUR_USERNAME
- Change the group ownership of the file dumpcap to wireshark1sudo chgrp wireshark /usr/bin/dumpcap
- Chage the mode of the file dumpcap to allow execution by the group wireshark1sudo chmod 750 /usr/bin/dumpcap
- Grant capabilities with setcap1sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
- Verify the change1sudo getcap /usr/bin/dumpcap
config_wireshark-ubuntu_user.txt