Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: I am unable to stop an active capture

From: Anders Broman <anders.broman () ericsson com>
Date: Tue, 25 Nov 2014 08:41:42 +0000
If you are capturing on a heavily utilized link a workaround could be to "untick" the "Update list of packets in real 
time" and "Automatic scrolling in live captures" under preferences->capture.
Wireshark 1.12.x is the latest version which may work better...
Regards
Anders

-----Original Message-----
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Leon 
Goldman
Sent: den 24 november 2014 23:19
To: wireshark-users () wireshark org
Subject: [Wireshark-users] I am unable to stop an active capture

I recently installed wireshark on my linux system. I run Mageia3

I followed the guidance at
http://wiki.wireshark.org/CaptureSetup/CapturePrivileges, but following the directions under "Setting network 
privileges for dumpcap" or "Limiting capture permission to only on group" did not allow wireshark to be run as a user. 
It does run as root and cannot be stopped without killing the app.

I setuid on dumpcap to run wireshark gui as a user and that works, but after I begin a capture I am unable to stop it 
with the 'Stop' button or by doing Ctrl-E.  I have to go in and kill the pid.

wireshark -v shows:

wireshark 1.10.11 (Git Rev Unknown from unknown)

Compiled (64-bit) with GTK+ 3.6.4, with Cairo 1.12.12, with Pango 1.32.5, with GLib 2.34.3, with libpcap, with libz 
1.2.7, with POSIX capabilities (Linux), with libnl 3, with SMI 0.4.8, without c-ares, without ADNS, with Lua 5.1, 
without Python, with GnuTLS 3.1.16, with Gcrypt 1.5.4, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built 
Jan 13 2013), without AirPcap.

Running on Linux 3.10.60-desktop-1.mga3, with locale en_US.UTF-8, with libpcap version 1.3.0, with libz 1.2.7, GnuTLS 
3.1.16, Gcrypt 1.5.4.
Intel(R) Core(TM) i7 CPU         950  @ 3.07GHz

Built using gcc 4.7.2.

Advice on how to stop an active capture without resorting to the kill command would be most appreciated.
Thank you.
--
Leon
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: