Live Capture Decryption of WireGuard Traffic
Dear Wireshark Community,
I installed a WireGuard server on Ubuntu 20.04. It is working fine and I can detect the traffic with Wireshark. Now I want to do some more research about the protocol, so I want to see the decrypted traffic.
It was possible to enter the static keys in the key log file, but in the Wireshark Wiki there is also a section about live capture with decryption support. I was able to run "make" to create all the files in the directory, but now when I want to run extract-handshakes.sh it is failing with the error:
echo: write error: No such file or directory
in the line
echo "p:wireguard/idxadd index_hashtable_insert ${ARGS[*]}" >> /sys/kernel/debug/tracing/kprobe_events
So it seems like the necessary WireGuard events do not exist. There is also no wireguard directory in the /sys/kernel/debug/tracing/events/ directory in my OS, even though the script is trying to access it.
In the Solus Forum, somebody was facing the same problem. They were not able to find a solution.
Do you have any idea what could be the problem? Otherwise it could make sense to remove this entry from the Wireshark Wiki.
Thank you for your support!
Tim
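A write to kprobe_events that fails with "No such file or directory" commonly means the kernel could not resolve the symbol named in the probe definition. The following check is an added example, not part of the original post or of extract-handshakes.sh: it looks for the probe target in /proc/kallsyms and lists similarly named symbols. The function names and the sample symbol table are constructed for illustration.

```shell
#!/bin/sh
# Added diagnostic sketch; not part of extract-handshakes.sh.
KALLSYMS="${KALLSYMS:-/proc/kallsyms}"

# Constructed sample in /proc/kallsyms format (not from a real host):
# the probed name is absent and only a prefixed variant is present.
sample_kallsyms() {
    printf '%s\n' \
        '0000000000000000 T tcp_sendmsg' \
        '0000000000000000 t wg_index_hashtable_insert [wireguard]' \
        '0000000000000000 d index_hashtable_insert_data [wireguard]'
}

# Print text symbols named exactly $1 or ending in "_$1", plus their module.
probe_candidates() {
    awk -v want="$1" '
        ($2 == "t" || $2 == "T") && ($3 == want || $3 ~ ("_" want "$")) {
            print $3, ($4 == "" ? "[built-in]" : $4)
        }' "${2:-$KALLSYMS}"
}

# Exit status: 0 = exact symbol exists, 1 = only variants, 2 = nothing.
probe_status() {
    out=$(probe_candidates "$1" "${2:-}")
    [ -n "$out" ] || return 2
    printf '%s\n' "$out" |
        awk -v want="$1" '$1 == want { hit = 1 } END { exit !hit }' || return 1
    return 0
}

# Human-readable verdict for one probe target.
check_probe() {
    rc=0
    probe_status "$1" "${2:-}" || rc=$?
    case $rc in
        0) echo "$1: present, the kprobe target resolves" ;;
        1) echo "$1: absent, similar symbols:"
           probe_candidates "$1" "${2:-}" ;;
        *) echo "$1: no match, check that the module is loaded (lsmod)" ;;
    esac
}

# Demo on the constructed sample; on a host, run: check_probe index_hashtable_insert
tmp=$(mktemp)
sample_kallsyms > "$tmp"
check_probe index_hashtable_insert "$tmp"
rm -f "$tmp"
```

On the affected machine, calling `check_probe index_hashtable_insert` without a second argument reads the live /proc/kallsyms.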