Why Tshark hangs after starting?
Hello and good day! I've installed Wireshark on a Linux server and use tshark with the command line to capture network packets. Tshark ran for several months capturing packets but now hangs:
tshark -help
Running as user "xxxxx" and group "root". This could be dangerous.
tshark -z
Running as user "xxxxx" and group "root". This could be dangerous.
tshark -Nnm -t ad -c 1 -i br0 -i eth0 -T fields -e frame.number -e _ws.col.Time -e frame.interface_name -e frame.protocols -e frame.len
Running as user "xxxxx" and group "root". This could be dangerous.
All tshark commands stop at this same location. So for I've tried server reboot, remove/reinstall Wireshark/Tshark, and system reset to factory default/reinstall Linux. General web search suggests Wireshark/tshark permission issue but I'm unsure if permissions issue because tshark commands previously worked for several months.
Has anyone seen this type of issue or can provide suggestions how to correct?
Look at:
WSUG: 2.6.2. Installing from debs under Debian, Ubuntu and other Debian derivatives and Wireshark blog: Running Wireshark as You for steps to run without root.
Always the first thing to do is run tshark -D, to get an idea of what interfaces it sees. Don't know what command line parameters you give when starting this, but without an interface name it tries the first non-loopback interface. Also don' know what Linux distro version this is, nor the tshark version.