Wireshark, built from source - no interfaces found, but the version from the APT repo works

asked 2020-04-16 01:12:26 +0000

ralpha
1 ●1 ●2 ●2

updated 2020-04-16 19:34:07 +0000

Guy Harris
19890 ●3 ●659 ●207

I have an issue with Wireshark 3.2.3 (compiled from source). It does not show any interfaces to capture packets from.

But this does not seem to be an issue with dumpcap permissions. My dumpcap already has the right permissions and is functional on older Wireshark versions (2.6.10). Proof:

$ dumpcap -D
1. enp0s25
2. any
3. lo (Loopback)
4. bluetooth0
....

Also see this screenshot:

(Left is version 2.6.10 from apt repo, right is version 3.2.3 compiled from source)

I also tried the version from: https://launchpad.net/~wireshark-dev/... but that one does not seem to open (other errors with libs)

So I can not get v3.2.3 to work and give me a list of interfaces. I don't see other problems with v3.2.3. Does anyone know what the problem is or could be?

Even when I run wireshark as root I don't get any interfaces.

$ ./wireshark 
qt5ct: using qt5ct plugin
qt5ct: D-Bus global menu: no
$ (back to terminal if I close UI, no other messages)

System running Linux Mint 19.1 (Ubuntu 18.04)

edit retag flag offensive close merge delete

Comments

What is the output of dumpcap -D for the 3.2.3 (compiled from source).

Chuckc ( 2020-04-16 01:42:52 +0000 )edit

I did not know dumpcap was part of wireshark itself, So I looked/search though the code and saw that libpcap-dev was required to compile the dumpcap binary. And it seem that if is now created, it was not in the build directory before. And is seem to give me the same output as above. Recompiling the rest of wireshark. Let see if this solves the problem. Why does it not use the dumpcap already in my /usr/bin folder?

ralpha ( 2020-04-16 02:58:44 +0000 )edit

Check Help->About Wireshark->Folders to see the path to programs.

More info on running multiple versions: https://www.wireshark.org/docs/wsdg_h...

Chuckc ( 2020-04-16 03:20:24 +0000 )edit

add a comment

answered 2020-04-16 03:46:37 +0000

ralpha
1 ●1 ●2 ●2

The solution to this problem was that libpcap-dev is required to compile dumpcap.

As noted in the CMakeList.txt file: "Dumpcap was requested but libpcap dependency is not available. Wireshark will be built without packet capture capability."

This is (probably) part of the optional packages of wireshark. You can see a list of all optional packages that where NOT build at the end of the cmake command.

After installing libpcap-dev, I used sudo apt install libpcap-dev, make clean you build directory and recompile using cmake and make. Build info here: https://www.wireshark.org/docs/wsug_h...

Thanks to @bubbasnmp for helping me and making me look in the right direction. :)

Comments

IME, running sudo apt build-dep wireshark-qt (or package of your choice) will pull in all the required dependencies.

grahamb ( 2020-04-16 10:03:50 +0000 )edit

And there's tools/debian-setup.sh for you as well in the Wireshark source code

Jaap ( 2020-04-17 06:48:40 +0000 )edit

That info might be very useful to include in https://www.wireshark.org/docs/wsug_h... for other people

ralpha ( 2020-04-18 04:50:14 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Wireshark, built from source - no interfaces found, but the version from the APT repo works

Comments

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Wireshark, built from source - no interfaces found, but the version from the APT repo works edit

Comments

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Wireshark, built from source - no interfaces found, but the version from the APT repo works