On Nov 29, 2019, at 6:02 AM, Tom Bentley <t.j.bent...@gmail.com> wrote:
> I downloaded and built wireshark 3.1.1 from the website. When I run/wireshark
> the gui appears, but there in the "Capture" pane it says "No interfaces
> found". Furthermore (maybe related, maybe not) I had expected `dumpcap` to be
> in the run directory, but it's missing). So I'm wondering how I managed to
> mess up the build and what I need to do to fix it.
On what operating system is this?
If it's Windows:
The "You have to build all projects in Visual Studio" part of Roland
Knall's first answer might apply, as might the "or on the console" part,
although you'd have to use msbuild rather than make.
If it's a UN*X of some sort:
A top-level "make" or "ninja" from the command line should have built
everything; you should not have needed to build dumpcap separately, as Dario
Lombardo said in his answer.
And, once you've build dumpcap, you may have to set it up to run with
special privileges, as per Roland Knall's second answer. If you're going to
*install* Wireshark, there's a CMake option DUMPCAP_INSTALL_OPTION that can be
set to:
"normal" - this means it gets no special privileges, which
won't work on your OS, as you've found;
"suid" - this means it will be installed set-UID root, which
should be sufficient on all platforms;
"capabilities" - this is Linux-only, and should be sufficient
to capture on network interfaces, but not on, for example, USB buses.
"capabilities" is safer than "suid", as it grants fewer capabilities,
but 1) it's available only on Linux and 2) isn't sufficient for some devices
such as USB buses (you can still capture on USB *network adapters*, but you
can't capture raw USB traffic if you're trying to analyze that rather than
network traffic).
if you install "suid", you might want to limit the executability of
dumpcap to users in a particular group, so not everybody can run the set-UID
dumpcap. If so, you need to set another CMake option, DUMPCAP_INSTALL_GROUP,
to the name of that group - the default is a group named "wireshark". Only
users in that group will be able to run dumpcap and thus only users in that
group will be able to capture traffic with Wireshark.
However, that's done as part of the installation process; if you want
to run Wireshark from the build directory, you'll have to set the permissions
etc. on dumpcap yourself, as per the page linked to by Roland Knall's second
answer - and change the paths for dumpcap to the path to the dumpcap in the
build directory.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
