ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-users: Re: [Wireshark-users] I am unable to stop an active capture

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Anders Broman <anders.broman@xxxxxxxxxxxx>
Date: Tue, 25 Nov 2014 08:41:42 +0000
If you are capturing on a heavily utilized link a workaround could be to "untick" the "Update list of packets in real time" and "Automatic scrolling in live captures" under preferences->capture.
Wireshark 1.12.x is the latest version which may work better...
Regards
Anders

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Leon Goldman
Sent: den 24 november 2014 23:19
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] I am unable to stop an active capture

I recently installed wireshark on my linux system. I run Mageia3

I followed the guidance at
http://wiki.wireshark.org/CaptureSetup/CapturePrivileges, but following the directions under "Setting network privileges for dumpcap" or "Limiting capture permission to only on group" did not allow wireshark to be run as a user. It does run as root and cannot be stopped without killing the app.

I setuid on dumpcap to run wireshark gui as a user and that works, but after I begin a capture I am unable to stop it with the 'Stop' button or by doing Ctrl-E.  I have to go in and kill the pid.

wireshark -v shows:

wireshark 1.10.11 (Git Rev Unknown from unknown)

Compiled (64-bit) with GTK+ 3.6.4, with Cairo 1.12.12, with Pango 1.32.5, with GLib 2.34.3, with libpcap, with libz 1.2.7, with POSIX capabilities (Linux), with libnl 3, with SMI 0.4.8, without c-ares, without ADNS, with Lua 5.1, without Python, with GnuTLS 3.1.16, with Gcrypt 1.5.4, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jan 13 2013), without AirPcap.

Running on Linux 3.10.60-desktop-1.mga3, with locale en_US.UTF-8, with libpcap version 1.3.0, with libz 1.2.7, GnuTLS 3.1.16, Gcrypt 1.5.4.
Intel(R) Core(TM) i7 CPU         950  @ 3.07GHz

Built using gcc 4.7.2.

Advice on how to stop an active capture without resorting to the kill command would be most appreciated.
Thank you.
--
Leon
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube