What I want to achieve is to examine the network traffic of my smartphone using my PC running Wireshark, both connected to the same personal domestic WiFi access point.

I've installed Wireshark and configured it to let my user run it with all needed privileges (I enabled dumpcap and added my user to wireshark group, then restarted). Devices are shown and capture starts well.

The problem is that only packets sent to and directed to the PC where Wireshark is running are captured. Obviously I enabled Promiscuous mode in the capture options dialog.

For example, if I run Wireshark and then surf the web on Firefox, packets are captured. If I start browsing with my smartphone, instead, no packet is captured (PC and smartphone are connected to the same domestic WiFi network).

I'm working with a WiFi device wlan0 with ath9k drivers. Here you are the output of ifconfig wlan0 and lspci | grep Wireless:

```
ifconfig wlan0
wlan0 Link encap:Ethernet HWaddr 5c:ac:4c:32:dc:1d
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1585 errors:0 dropped:0 overruns:0 frame:0
TX packets:1782 errors:0 dropped:0 overruns:0 carrier:0
Byte RX:970355 (970.3 KB) Byte TX:401610 (401.6
lspci | grep Wireless
03:00.0 Network controller: Atheros Communications Inc. AR9287 Wireless Network Adapter (PCI-Express) (rev 01)
```

Choose the wired port interface (en0 on Mac OSX, or eth0 on Linux).

In the Wireshark Capture Interfaces window, select Start. There are other ways to initiate packet capturing.

dumpcap: Capturing with dumpcap for viewing with Wireshark.

capinfos: Print information about capture files.

To do this, select Edit > Find Packet (a search bar will appear below the display filter). Next, select ‘Packet bytes’ from the first drop-down list and ‘String’ for the third one then enter the string to search for in the textbox and click ‘Find’.

Wireshark was set up to start capturing packets before either application was started. The publishing application was started first, followed (about 6 seconds.

Remote capture

If you want to start capture from a remote machine, then add ssh command to the mix: `ssh containerlabhostaddress 'ip netns exec labnodename tcpdump -nni ifname'`

Capturing remotely with tcpdump makes little sense, but it makes all the difference when wireshark is concerned.