 | 1 | initial version |
I see on clicking the compile bpfs the output as 'unknown data link type -1'
That's a bug. Please report it on the Wireshark Bugzilla so we can attempt to figure out what's causing it and fix it.
What does tcpdump print when you run sudo tcpdump -i ens33? In particular, what are the first two lines it prints? It should print something such as
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type {something}, capture size {something} bytes