C:\Program Files\Wireshark>tshark -v
TShark (Wireshark) 3.6.2 (v3.6.2-0-g626020d9b3c3)
i)
C:\Program Files\Wireshark>tshark -D
1. \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D} (Local Area Connection* 11)
2. \Device\NPF_{04139B68-62C6-4DB1-BFBF-A760ED12A89F} (Local Area Connection* 10)
3. \Device\NPF_{DF9D2BE3-E6D5-4A21-AC03-1843EF8D20AF} (Local Area Connection* 9)
4. \Device\NPF_{18C1F50D-AB34-4264-A46C-F07B12DC8374} (Bluetooth Network Connection)
5. \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E} (Wi-Fi)
6. \Device\NPF_{673D9231-1802-400C-9A52-E9961C4100E8} (Local Area Connection* 12)
7. \Device\NPF_{6D8E8D22-C3A8-4970-8C9C-220C72864FEC} (Local Area Connection* 3)
8. \Device\NPF_Loopback (Adapter for loopback traffic capture)
ii)
C:\Program Files\Wireshark>tshark -i \Device\NPF_{1D7EE94E-FEF2-4C41-B99A-A667EA4B9E1D}
Capturing on 'Local Area Connection* 11'
** (tshark:11600) 16:57:18.532137 [Main MESSAGE] -- Capture started.
** (tshark:11600) 16:57:18.534207 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Local Area Connection- 11TDSJI1.pcapng"
0 packets captured
iii)
I try the wifi interface as follow, it seams capturing something , but no window display. only in the command line ie: no window display as a normal Windows program does.
pls see be low
C:\Program Files\Wireshark>tshark -i \Device\NPF_{6E16E41D-19BE-4A19-BEAE-D3C97C1B132E}
Capturing on 'Wi-Fi'
** (tshark:2756) 16:59:54.232843 [Main MESSAGE] -- Capture started.
** (tshark:2756) 16:59:54.235762 [Main MESSAGE] -- File: "C:\Users\heye\AppData\Local\Temp\wireshark_Wi-FiCEFRI1.pcapng"
1 0.000000 192.168.10.129 → 192.168.10.255 UDP 82 57797 → 1947 Len=40
2 1.099626 IntelCor_fe:6b:04 → BelkinIn_40:b5:f2 ARP 42 Who has 192.168.10.1? Tell 192.168.10.129
3 1.100264 BelkinIn_40:b5:f2 → IntelCor_fe:6b:04 ARP 42 192.168.10.1 is at 30:23:03:40:b5:f2
4 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general
5 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general
6 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general
7 5.813399 0.0.0.0 → 224.0.0.1 IGMPv2 46 Membership Query, general
8 6.107851 192.168.10.129 → 224.0.0.251 IGMPv2 46 Membership Report group 224.0.0.251
9 7.879010 104.17.108.108 → 192.168.10.129 TLSv1.2 568 Application Data
10 7.879163 192.168.10.129 → 104.17.108.108 TLSv1.2 404 Application Data
11 7.883352 104.17.108.108 → 192.168.10.129 TCP 54 443 → 49817 [ACK] Seq=515 Ack=351 Win=122 Len=0
12 10.610794 192.168.10.129 → 224.0.0.252 IGMPv2 46 Membership Report group 224.0.0.252
13 10.795325 103.124.106.123 → 192.168.10.129 TLSv1.2 452 Application Data
14 10.850098 192.168.10.129 → 103.124.106.123 TCP 54 49956 → 443 [ACK] Seq=1 Ack=399 Win=511 Len=0
15 11.053569 192.168.10.129 → 199.232.46.114 TCP 55 [TCP segment of a reassembled PDU]
16 11.056589 199.232.46.114 → 192.168.10.129 TCP 66 443 → 50355 [ACK] Seq=1 Ack ... (more)
Run it from a command shell and report the console output shown, if any. Also try running tshark in the command shell, and see what happens.
running in the command line : nothing happen , pls see attached picture!, sorry i am not allowed to attached the picture
c:\program files \Wireshark\wireshark.exe
response
c:\program files\wireshark> "nothing happen"
when running tshark in command line response :
...nothing happen.....hang!
Okay, that is very little to go on.
One observation though, how come it says
File "c:\Users\heye\AppData\Local|Temp\wireshark_Loc...Where's that pipe symbol between Local and Temp coming from?PS: I'm not a Windows user, so can only state the obvious here.