My goal is to capture packets with tshark in Amazon Linux AMI. While typing tshark in the command line there's an error:
"tshark: There are no interfaces on which a capture can be done"
How to implement the solution from Wireshark setup Linux for nonroot user
$ sudo apt-get install wireshark
$ sudo dpkg-reconfigure wireshark-common
$ sudo usermod -a -G wireshark $USER
$ gnome-session-quit --logout --no-prompt
in Amazon Linux AMI (it's not Ubuntu)?
Best Answer
Using sudo
I think you need to find out what interface is being used for your network and then just tell
tshark
about it.Example
Network devices present on my box.
Run
tshark
:Using capabilities
The Amazon AMI instances are based on CentOS so you may be able to use the following steps to accomplish what you're after.
The above creates the Unix group
wireshark
, adds the usersaml
to it, and then adds the capabilities using the toolsetcap
to allow others access to thedumpcap
file.Example
You can read more about Linux'
capabilities
facility via the man pages,man capabilities
.References