Manualshelf

User Guide

ManualsBrandsWireshark ManualsSoftwareWireshark Wireshark - 1.9
51525354555657585960
Capturing Live Network Data
50
4.3. Start Capturing
One of the following methods can be used to start capturing packets with Wireshark:
You can get an overview of the available local interfaces using the " Capture Interfaces" dialog
box, see Figure 4.1, “The "Capture Interfaces" dialog box on Microsoft Windows” or Figure 4.2, “The
"Capture Interfaces" dialog box on Unix/Linux”. You can start a capture from this dialog box, using
(one of) the "Capture" button(s).
You can start capturing using the " Capture Options" dialog box, see Figure 4.3, “The "Capture
Options" dialog box”.
If you have selected the right capture options before, you can immediately start a capture using the "
Capture Start" menu / toolbar item. The capture process will start immediately.
If you already know the name of the capture interface, you can start Wireshark from the command line
and use the following:
wireshark -i eth0 -k
This will start Wireshark capturing on interface eth0, more details can be found at: Section 10.2, “Start
Wireshark from the command line”.
4.4. The "Capture Interfaces" dialog box
When you select "Interfaces..." from the Capture menu, Wireshark pops up the "Capture Interfaces" dialog
box as shown in Figure 4.1, “The "Capture Interfaces" dialog box on Microsoft Windows” or Figure 4.2,
“The "Capture Interfaces" dialog box on Unix/Linux”.
This dialog consumes lots of system resources!
As the "Capture Interfaces" dialog is showing live captured data, it is consuming a lot of
system resources. Close this dialog as soon as possible to prevent excessive system load.
Not all available interfaces may be displayed!
This dialog box will only show the local interfaces Wireshark knows of. It will not show
interfaces marked as hidden in Section 10.5.1, “Interface Options”. As Wireshark might not
be able to detect all local interfaces, and it cannot detect the remote interfaces available, there
could be more capture interfaces available than listed.
As it is possible to simultaneously capture packets from multiple interfaces, the toggle buttons can be used
to select one or more interfaces.