1.6. Reporting problems and getting help

If you have problems or need help with Wireshark there are several places that may be of interest to you (well, besides this guide of course).

1.6.1. Website

You will find lots of useful information on the Wireshark homepage at https://www.wireshark.org/.

1.6.2. Wiki

The Wireshark Wiki at https://wiki.wireshark.org/ provides a wide range of information related to Wireshark and packet capture in general. You will find a lot of information not part of this user’s guide. For example, there is an explanation how to capture on a switched network, an ongoing effort to build a protocol reference and a lot more.

And best of all, if you would like to contribute your knowledge on a specific topic (maybe a network protocol you know well) you can edit the wiki pages by simply using your web browser.

1.6.3. Q&A Site

The Wireshark Q&A site at https://ask.wireshark.org/ offers a resource where questions and answers come together. You have the option to search what questions were asked before and what answers were given by people who knew about the issue. Answers are graded, so you can pick out the best ones easily. If your question hasn’t been discussed before you can post one yourself.

1.6.4. FAQ

The Frequently Asked Questions lists often asked questions and their corresponding answers.

[Note]Read the FAQ

Before sending any mail to the mailing lists below, be sure to read the FAQ. It will often answer any questions you might have. This will save yourself and others a lot of time. Keep in mind that a lot of people are subscribed to the mailing lists.

You will find the FAQ inside Wireshark by clicking the menu item Help/Contents and selecting the FAQ page in the dialog shown.

An online version is available at the Wireshark website at https://www.wireshark.org/faq.html. You might prefer this online version, as it’s typically more up to date and the HTML format is easier to use.

1.6.5. Mailing Lists

There are several mailing lists of specific Wireshark topics available:

wireshark-announce
This mailing list will inform you about new program releases, which usually appear about every 4-8 weeks.
wireshark-users
This list is for users of Wireshark. People post questions about building and using Wireshark, others (hopefully) provide answers.
wireshark-dev
This list is for Wireshark developers. If you want to start developing a protocol dissector, join this list.

You can subscribe to each of these lists from the Wireshark web site: https://www.wireshark.org/lists/. From there, you can choose which mailing list you want to subscribe to by clicking on the Subscribe/Unsubscribe/Options button under the title of the relevant list. The links to the archives are included on that page as well.

[Tip]The lists are archived

You can search in the list archives to see if someone asked the same question some time before and maybe already got an answer. That way you don’t have to wait until someone answers your question.

1.6.6. Reporting Problems

[Note]Note

Before reporting any problems, please make sure you have installed the latest version of Wireshark.

When reporting problems with Wireshark please supply the following information:

  1. The version number of Wireshark and the dependent libraries linked with it, such as Qt or GLib. You can obtain this from Wireshark’s about box or the command wireshark -v.
  2. Information about the platform you run Wireshark on.
  3. A detailed description of your problem.
  4. If you get an error/warning message, copy the text of that message (and also a few lines before and after it, if there are some) so others may find the place where things go wrong. Please don’t give something like: "I get a warning while doing x" as this won’t give a good idea where to look.
[Note]Don’t send large files

Do not send large files (> 1 MB) to the mailing lists. Just place a note that further data is available on request. Large files will only annoy a lot of people on the list who are not interested in your specific problem. If required you will be asked for further data by the persons who really can help you.

[Warning]Don’t send confidential information!

If you send capture files to the mailing lists be sure they don’t contain any sensitive or confidential information like passwords or personally identifiable information (PII).

1.6.7. Reporting Crashes on UNIX/Linux platforms

When reporting crashes with Wireshark it is helpful if you supply the traceback information along with the information mentioned in "Reporting Problems".

You can obtain this traceback information with the following commands on UNIX or Linux (note the backticks):

$ gdb `whereis wireshark | cut -f2 -d: | cut -d' ' -f2` core >& backtrace.txt
backtrace
^D

If you do not have gdb available, you will have to check out your operating system’s debugger.

Mail backtrace.txt to wireshark-dev[AT]wireshark.org.

1.6.8. Reporting Crashes on Windows platforms

The Windows distributions don’t contain the symbol files (.pdb) because they are very large. You can download them separately at https://www.wireshark.org/download/win32/all-versions/ and https://www.wireshark.org/download/win64/all-versions/ .