There are no interfaces on which a capture can be done
Matthew Barrera
I'm using Ubuntu 13.04.
Wireshark won't show me any logs, won't function at all. I'm connected to my WiFi, Belkin router.
25 Answers
Open a terminal by pressing Ctrl+Alt+T and type the following commands:
sudo dpkg-reconfigure wireshark-common
Press the right arrow and Enter for yes.
sudo chmod +x /usr/bin/dumpcap
You should now be able to run it without root and you will be able to capture.
The "No interface can be used for capturing in this system with the current configuration" message commonly appears when you don't have the privileges to access the network interfaces for monitoring. Try opening a terminal and running gksudo wireshark. If several network interfaces appear, it's because when you run wireshark without root permissions you don't have the privileges to monitor.
To fix that, run the following command in a terminal:
sudo setcap CAP_NET_RAW,CAP_NET_ADMIN,CAP_DAC_OVERRIDE+eip /usr/bin/dumpcap

When I tried to run wireshark I was getting this error:
Couldn't run /usr/bin/dumpcap in child process: Permission denied
so I used to run it as root, which disabled LUA. The pop-up window informing me that the LUA has been disabled was so annoying that I tried to fix it.
First off, I checked privileges by running
ls -l /usr/bin/dumpcap
which resulted in:
-rwxr-xr-- 1 root wireshark 96464 Jan 24 10:31 /usr/bin/dumpcap
This was obvious, that's what Wireshark has been telling me. So I just changed the owner from root to my account
sudo chown -R $LOGNAME /usr/bin/dumpcap
Which worked, I can now run wireshark without root
Googled “couldn't run /usr/bin/dumpcap in child process” and found this question:
I'm not able to use wireshark "couldn't run /usr/bin/dumpcap in child process"
Which is marked as duplicate and brought me here. The proposed solution is:
sudo chmod +x /usr/bin/dumpcap
The above command really works, but I would like to add a security WARNING. That will allow packet capture for ALL USERS on the system. It can be a temporary solution, but not desired as a permanent solution.
I followed the instructions from the wireshark page about capture privileges:
They RECOMMEND restricting dumpcap execution to a specific group or user.
I followed those instructions (with adaptations):
Setting network privileges for dumpcap if your kernel and file system support file capabilities
Ensure that you have installed the necessary tools, such as the setcap command.
sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
(NOTE: Replace /usr/bin with /usr/sbin in case you receive an error that indicates that dumpcap isn't in /usr/bin)
- Start Wireshark as non-root and ensure you see the list of interfaces and can do live capture. (I IGNORED THIS INSTRUCTION. DID NOT WORK FOR ME)
Setting network privileges for dumpcap if your kernel and file system don't support file capabilities
In this case, you will need to make dumpcap set-UID to root.
sudo chown root /usr/bin/dumpcap
(NOTE: Replace /usr/bin with /usr/sbin in this command and the next command in case you receive an error that indicates that dumpcap isn't in /usr/sbin)
sudo chmod u+s /usr/bin/dumpcap
Limiting capture permission to only one group
After having set dumpcap's network privileges:
Create user "wireshark" in group "wireshark".
sudo chgrp wireshark /usr/sbin/dumpcap
sudo chmod o-rx /usr/sbin/dumpcap
Ensure Wireshark works only from root and from a user in the "wireshark" group (I DID THIS STEP ONLY IN THE END - NOT OVER YET)
And finally, two more steps:
sudo dpkg-reconfigure wireshark-common
Choose 'yes'.
Log out ALL interfaces for the user (including ssh which was my biggest mistake) and log in again.
Hopefully, you should start wireshark and see all the interfaces as a regular user (not using sudo)
wireshark &
And if you check the file permissions
ls -la /usr/bin/dumpcap
It allows ONLY the USER and the GROUP to execute
-rwxr-xr-- 1 root wireshark
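
Added example, not part of any answer on this page and not Wireshark's own tooling: a POSIX shell check that compares dumpcap's owner, group and mode with the "root wireshark", no-execute-for-others state in the listing above. The function names and the user "alice" are made up for illustration, and the stat format string assumes GNU coreutils as shipped on Ubuntu.

```shell
#!/bin/sh
# Added example (not from the answers above): compare dumpcap's owner, group
# and mode with the group-restricted end state "-rwxr-xr-- 1 root wireshark".

# classify_dumpcap OWNER GROUP OCTAL_MODE
# Prints one finding per line, or "ok"; returns 0 only when there are none.
classify_dumpcap() {
    dc_rc=0
    dc_perm=$(( 0$3 ))   # the leading 0 makes the shell parse the mode as octal
    [ "$1" = root ]      || { echo owner-not-root; dc_rc=1; }
    [ "$2" = wireshark ] || { echo group-not-wireshark; dc_rc=1; }
    # "other" execute bit: with capabilities or set-UID on the file,
    # every local account could start a capture
    [ $(( dc_perm & 0001 )) -eq 0 ] || { echo world-executable; dc_rc=1; }
    [ $(( dc_perm & 0022 )) -eq 0 ] || { echo group-or-world-writable; dc_rc=1; }
    [ $(( dc_perm & 0010 )) -ne 0 ] || { echo group-cannot-execute; dc_rc=1; }
    [ "$dc_rc" -ne 0 ] || echo ok
    return "$dc_rc"
}

# audit_dumpcap [PATH]: run the same check against the installed binary.
audit_dumpcap() {
    dc_path=${1:-/usr/bin/dumpcap}
    [ -e "$dc_path" ] || { echo "missing: $dc_path"; return 2; }
    # GNU stat: %U owner, %G group, %a octal mode (split into three arguments)
    classify_dumpcap $(stat -c '%U %G %a' "$dc_path") || return 1
    # Show file capabilities when the getcap tool is installed
    if command -v getcap >/dev/null 2>&1; then getcap "$dc_path"; fi
    # Group membership is only picked up by sessions started after it was granted
    case " $(id -nG) " in
        *" wireshark "*) ;;
        *) echo session-not-in-wireshark-group ;;
    esac
}

# Constructed samples: the restricted state, a binary re-owned by a user
# (hypothetical "alice"), and a mode with execute granted to everyone.
for dc_sample in "root wireshark 754" "alice wireshark 754" "root wireshark 755"; do
    printf '%-22s -> %s\n' "$dc_sample" "$(classify_dumpcap $dc_sample | tr '\n' ' ')"
done
```

On a real system, call audit_dumpcap (optionally with /usr/sbin/dumpcap) after the setup steps and after logging back in.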
On Ubuntu 20.04, I followed the instructions displayed when I tried and failed to start capture.
On my first attempt I didn't read the entire message and missed the final step: log out & login again.