One of the following methods can be used to start capturing packets with Wireshark:
-
You can get an overview of the available local interfaces using the "
Capture Interfaces" dialog box, see
Figure 4.1, “The "Capture Interfaces" dialog box on Microsoft Windows” or
Figure 4.2, “The "Capture Interfaces" dialog box on Unix/Linux”. You can start a
capture from this dialog box, using (one of) the "Capture" button(s).
-
You can start capturing using the "
Capture Options" dialog box, see
Figure 4.3, “The "Capture Options" dialog box”.
-
If you have selected the right capture options before, you can immediately start a capture using the "
Capture Start" menu / toolbar item. The capture
process will start immediately.
-
If you already know the name of the capture interface, you can start Wireshark from the command line and use the following:
wireshark -i eth0 -kThis will start Wireshark capturing on interface eth0, more details can be found at: Section 10.2, “Start Wireshark from the command line”.