I had been using wireshark on my ubuntu 14.04 pc. I had a power loss while in use. After I rebooted the PC and restarted wireshark I cannot start a capture. Wireshark crashes. I tried upgrading to the latest version but wireshark still crashes when I start the capture. I also tried running the dpkg-reconfigure wireshark common to make sure permissions are coreect. Running in default user. Suggestions Greatly Appreciated, Terry asked 12 Jan '17, 07:47  Terry1337 showing 5 of 13 show 8 more comments |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
Since you've rebooted your computer we can assume that a file has been corrupted?
Can you still run dumpcap from the command line? Can you capture using dumpcap?
Can you still run tshark from the command line? Can you capture using tshark?
Do you run Wireshark with the Qt or GTK interface?
There are so many things to try. Even reinstalling or replacing your personal wireshark preferences.
Sorry I am not very experienced with Ubuntu or Wireshark. When I open Wireshark it displays the past files accesed and also at the bottom of the screen the network interfaces. There is a graph that displays an advancing data stream on it.
I ran the code dumpcap -i eth0 -a duration:60 -w output.pcapng. It seemed to accumulate data I had 257 packets captured. I entered output.pcapng in the terminal and it displays command not found.
I did a double click on the advancing interface eth0 it opened wireshark then it crashed.
I ran tshark -i eth0 -c 100 -w outpu2.pcapng. The command completed. When I entered outpu2.pcapng it comes up command not found.
If you type just the name of a data file on the command line, without an actual command name, that's what will happen.
In what application's window did you do the double-click?
I tried removing and reinstalling wireshark and did not help the situation.
Perhaps your
preferencesfile (or some other Wireshark-specific file) is corrupt? Mine is located at~/.wireshark/preferences.You might try to simply rename the
.wiresharkfolder to something else, e.g.,mv .wireshark .wireshark-save, and allow Wireshark to start up with default preferences instead. If successful, you can then diff the newly createdpreferencesfile with your saved one to try to figure out what the corruption was that caused Wireshark to crash.I cannot find the preferences file in my wireshark folder.
I just tried switching to my admin user. I am able to start wireshark but the start capture are greyed out. I double clicked on the eht0 line below and that started a capture, but cannot change capture settings because they are greyed out.
I cannot find the preferences file in my wireshark folder.
Did you try renaming the entire
.wiresharkfolder?I just tried renaming the wireshark folder. That did not help, the prgram still chrashes when I start a capture.
I just tried opening one of my old captures and that also caused wireshark to crash.