![]() ![]() ![]() ![]() You have the option -i in tcpdump or tshark calling it from the command line you can create a sudo authorization to tshark or tcpdump that allows your user to use it only with -i interface the main loopback interface is usually lo in LinuxĪs in in /etc/sudoers: user ALL=NOPASSWD: /usr/sbin/tcpdump -i lo -s0 -w. It appears that while wireshark has an option for selecting the interface, it allows overriding it in the graphical interface.Īs such, you can give sudo privilege for tcpdump and or tshark (text mode wireshark) to capture packets, and then read them later with wireshark -r file. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |