How To Install and Use Wireshark On Ubuntu Linux

We can install and use Wireshark on Ubuntu. Wireshark is used to capture the network traffic and it’s free to use. Let’s see, how to install Wireshark on ubuntu.

How To Install and Use Wireshark On Ubuntu Linux:

You can install Wireshark on Ubuntu using the package available in-universe repository. if you don’t know how to install the Universe repository, you may follow these articles. 

Check Out: Solve add-apt-repository: Command Not Found on Ubuntu

We can also install it using sudo apt-add-repository universe. Once you have installed it then we need to run the below command to install it. 

ubuntu@ubuntu:~$ sudo apt install wireshark

After a few minutes, you will see the windows like as shown below and click on “yes“. 

It will start the installation process and install all the dependencies itself. 

how to use wireshark

You can check the version installed using the below command from the terminal.

ubuntu@ubuntu:~$ sudo apt show wireshark
Package: wireshark
Version: 3.2.3-1
Priority: optional
Section: universe/net
Origin: Ubuntu
Maintainer: Balint Reczey <rbalint@ubuntu.com>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 59.4 kB

Now open this packet capturing application from the terminal using “Wireshark” and press “Enter“.

install wireshark on ubuntu

Run Wireshark without Sudo: 

If you have selected “No” while installing this application, run the below command as root. 

sudo dpkg-reconfigure wireshark-common

Now the above window will appear, you have to select “Yes” and hit the enter. Once it’s done. you have allowed the non-root users to capture the packet.

Check Out:  How To Solve Printer Spooler Problem In Windows 10

We’ve to add a user in the Wireshark group using the below command. 

sudo usermod -a -G wireshark $whoami

Reboot the system to take effect. you can capture the network packet using the Wireshark.

If you still face issue, try the below command.

sudo chmod +x /usr/bin/dumpcap 

How To Use Wireshark On Ubuntu:

We have installed this application on Ubuntu and now we will see how to use it to capture the network traffic.

When you click on start capture the network traffic that’s “Blue shark button” then you face the below issue.

Check Out:  How To Rollback or Downgrade Installed Packages On Linux

Error ”Couldn’t run /usr/bin/dumpcap in child process: Permission denied”;

wireshark ubuntu

To fix this issue, we will have to create a user to start the Wireshark. 

ubuntu@ubuntu:~$ sudo usermod -a -G wireshark $USER

We will check the owner and group of dumpcap binary as shown below. if the group is not Wireshark, you can change it using 

sudo chgrp wireshark /usr/bin/dumpcap 

In our case, everything is all right. 

ubuntu@ubuntu:~$ ls -ld /usr/bin/dumpcap 
-rwxr-xr-- 1 root wireshark 113112 Apr 19 14:04 /usr/bin/dumpcap

We will change the permission on this /usr/bin/dumpcap from 754 to 750.

sudo chmod 750 /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

Check Out:  Solve No WiFi Driver Adaptor Found In Ubuntu 18.04

You can also verify the above configuration using the below command. 

ubuntu@ubuntu:~$ sudo getcap /usr/bin/dumpcap 
/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip

Reboot the machine and Let’s try to capture the network traffic now. 

capture network using wireshark

That’s it.

Share on:

I'm the founder of Curious Viral. I hope this blog will provide you complete information about Linux Technology & I would like to share my technical knowledge with you which I have learned during this period.

Other Posts You May Like...

Leave a comment