“tshark: There are no interfaces on which a capture can be done” in Amazon Linux AMI

amazon ec2tsharkwireshark

My goal is to capture packets with tshark in Amazon Linux AMI. While typing tshark in the command line there's an error:
"tshark: There are no interfaces on which a capture can be done"

How to implement the solution from Wireshark setup Linux for nonroot user

$ sudo apt-get install wireshark
$ sudo dpkg-reconfigure wireshark-common 
$ sudo usermod -a -G wireshark $USER
$ gnome-session-quit --logout --no-prompt

in Amazon Linux AMI (it's not Ubuntu)?

Best Answer

Using sudo

I think you need to find out what interface is being used for your network and then just tell tshark about it.

Example

Network devices present on my box.

$ ip addr|grep '^[0-9]'|awk '{print $2}'
lo:
eth0:
wlan0:

Run tshark:

$ sudo tshark -i wlan0 | head -5
..start seeing output from tshark...

Using capabilities

The Amazon AMI instances are based on CentOS so you may be able to use the following steps to accomplish what you're after.

$ sudo groupadd wireshark
$ sudo usermod -a -G wireshark saml
$ setcap cap_net_raw,cap_net_admin=eip /usr/sbin/dumpcap

The above creates the Unix group wireshark, adds the user saml to it, and then adds the capabilities using the tool setcap to allow others access to the dumpcap file.

Example

$ tshark -i wlan0
Capturing on wlan0
  0.000000 108.160.163.38 -> 192.168.1.20 HTTP HTTP/1.1 200 OK  (text/plain)
  0.087199 108.160.163.38 -> 192.168.1.20 TCP http > 38987 [ACK] Seq=180 Ack=352 Win=83 Len=0 TSV=144745749 TSER=195830096
  0.253077 192.168.1.20 -> 255.255.255.255 DB-LSP-DISC Dropbox LAN sync Discovery Protocol
  0.253360 192.168.1.20 -> 192.168.1.255 DB-LSP-DISC Dropbox LAN sync Discovery Protocol
  0.779785 192.168.1.20 -> 74.125.225.115 HTTP HEAD / HTTP/1.1 
...

You can read more about Linux' capabilities facility via the man pages, man capabilities.

References

Related Solutions

Bash – How to convert Ubuntu init script to Amazon Linux AMI init script

I updated my script to following code. Although it is not able to create pidfile but it is working as I want. If anybody has better script then kindly post your answer.

#!/bin/bash

# chkconfig: 2345 95 05
# description: MY Application

# Source function library.
. /etc/init.d/functions

RETVAL=0
prog="myserver"
PIDFILE=/var/run/$prog.pid
LOCKFILE=/var/lock/subsys/$prog
PATH=/sbin:/usr/sbin:/bin:/usr/bin
JAVA=/usr/bin/java
DESC="MY Application"
DAEMON=$JAVA
DAEMON_HOME="/home/ganesh/MyServer/"
JAR=$DAEMON_HOME/MyServer.jar
DAEMON_ARGS="-Xms512m -Xmx4112m -jar $JAR"
SCRIPTNAME=/etc/init.d/myserver
#the user that will run the script
USER=root

#echo "All value sets"

start() {
    if [ -f $LOCKFILE ];
    then
        echo "$DESC is already running. Exiting."
        exit 1
    else
        echo -n "Starting $prog:"
        cd $DAEMON_HOME
        daemon --user $USER  --pidfile $PIDFILE $DAEMON $DAEMON_ARGS >/dev/null 2>&1 &
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && touch $LOCKFILE
    fi

    return $RETVAL
}

stop() {
        echo -n "Shutting down "$prog:
        kill -9  `ps -ef | grep "$JAR" | grep -v grep | awk '{ print $2 }'`        
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
        return $RETVAL
}

check_status() {
        #echo -n "Checking $prog status: "
        status $prog
        RETVAL=$?
        return $RETVAL
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        check_status
        ;;
    restart)
        stop
        start
        ;;
    *)

        echo "Usage: $prog {start|stop|status|restart}"
        exit 1
        ;;
esac
exit $RETVAL

EDIT:

Another Version of above script where I am creating pid file and using it to get status and stop the application. I think the following script is more reliable than above.

#!/bin/bash

# chkconfig: 2345 95 05
# description: MY Application

# Source function library.
. /etc/init.d/functions

RETVAL=0
prog="myserver"
PIDFILE=/var/run/$prog.pid
LOCKFILE=/var/lock/subsys/$prog
PATH=/sbin:/usr/sbin:/bin:/usr/bin
JAVA=/usr/bin/java
DESC="MY Application"
DAEMON=$JAVA
DAEMON_HOME="/home/ganesh/MyServer/"
JAR=$DAEMON_HOME/MyServer.jar
DAEMON_ARGS="-Xms512m -Xmx4112m -jar $JAR"
SCRIPTNAME=/etc/init.d/myserver
#the user that will run the script
USER=root

#echo "All value sets"

start() {
    if [ -f $PIDFILE ]; then
        PID=`cat $PIDFILE`
        if [ -z "`pgrep $PID`" ] && [ "$PID" != "`ps aux|grep -vE 'grep|runuser|bash'|grep -w "$JAR"|awk '{print $2}'`" ]; then
            printf "%s\n" "Process dead but pidfile exists"
        else
            printf "$prog is already running!\n"
        fi
    else
        printf "%-50s" "Starting $prog ..."
        cd $DAEMON_HOME
        daemon --user $USER $DAEMON $DAEMON_ARGS >/dev/null 2>&1 &
        sleep 5
        PID=`ps aux|grep -vE 'grep|runuser|bash'|grep -w "$JAR"|awk '{print $2}'`
        if [ -z "$PID" ]; then
            printf "[ \e[31mFAIL\033[0m ]\n"
        else
            echo $PID > $PIDFILE
            printf "[ \e[32mOK\033[0m ]\n"
        fi
    fi
}

stop() {
    printf "%-50s" "Shutting down $prog:"
    if [ -f $PIDFILE ]; then
        PID=`cat $PIDFILE`
        kill -HUP $PID 2>/dev/null
        printf "[ \e[32mOK\033[0m ]\n"
        rm -f $PIDFILE
    else
        printf "[ \e[31mFAIL\033[0m ]\n" 
    fi
}

check_status() {
    printf "%-50s" "Checking $prog ..."
    if [ -f $PIDFILE ]; then
        PID=`cat $PIDFILE`
        if [ -z "`pgrep $PID`" ] && [ "$PID" != "`ps aux|grep -vE 'grep|runuser|bash'|grep -w "$JAR"|awk '{print $2}'`" ]; then
            printf "%s\n" "Process dead but pidfile exists"
        else
            printf "[ \e[32mRUNNING\033[0m ]\n"
        fi
    else
        printf "[ \e[31mSTOPPED\033[0m ]\n"
    fi
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        check_status
        ;;
    restart)
        stop
        start
        ;;
    *)
        echo "Usage: $prog {start|stop|status|restart}"
        exit 1
        ;;
esac
exit 1

Best Answer

Using sudo

Example

Using capabilities

Example

References

Related Solutions

Bash – How to convert Ubuntu init script to Amazon Linux AMI init script

Related Question