How to install Wireshark on Linux and capture USB traffic?

Question

How to install Wireshark on Linux and capture USB traffic?

I encountered many problems installing Wireshark and capturing USB traffic, especially due to user rights.

In the answer, I describe the complete workflow for this. The answers to each individual problem are provided in different forums, so I decided to put everything together in one answer to prevent future users on Google from experiencing every problem they encounter.

+12

linux ubuntu root wireshark usb

matthieu Jun 25 '15 at 15:21

source share

1 answer

matthieu · Accepted Answer · 2015-06-25T15:21:01+0000

Tested on Ubuntu 14.04, but probably works on other distributions as none of the steps apply to Ubuntu.

When you first read the manual, follow all steps 1 → 7.

6 7, USB Wireshark.

Wireshark libpcap:
sudo apt-get install wireshark libpcap0.8
Debian, Ubuntu Debian 3.
Linux . Wireshark Wiki, 6.
wireshark, - :
sudo dpkg-reconfigure wireshark-common
<Yes>
"wireshark":
sudo usermod -a -G wireshark <your_username>
, , , :
groups <your_username>
, "wireshark" :
groupadd wireshark
(. )
. .
, . , :
uname -r
2.6.21, debugfs /sys/kernel/debug, , , :
sudo mount -t debugfs / /sys/kernel/debug
2.6.21 usbmon :
sudo modprobe usbmon
. Wireshark Wiki .
usbmon Wireshark, , dumpcap ( Wireshark):
sudo dumpcap -D
usbmon *. usbmon:
ls -l /dev/usbmon*
usbmon * 'crw-------', , Wireshark , root. wireshark root, . :
sudo setfacl -m u:$USER:r /dev/usbmon*