@thinktanklinux
Created June 2, 2020 10:43
Install Stable Wireshark release
If you care more about stability than cutting-edge features, you can install the stable release of Wireshark on Ubuntu 20.04 / 18.04 / 16.04.
Add the PPA repository and install Wireshark:
sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt update
sudo apt -y install wireshark
Install Wireshark Development version
To get the development release, add the following PPA:
sudo add-apt-repository ppa:dreibh/ppa
Install Wireshark from the repository:
sudo apt update
sudo apt -y install wireshark
When asked whether to allow non-superusers to capture packets, select your option and finish the installation.
Check the installed Wireshark version:
$ wireshark --version
Wireshark 2.9.0 (Git Rev Unknown from unknown)
Copyright 1998-2018 Gerald Combs gerald@wireshark.org and contributors.
License GPLv2+: GNU GPL version 2 or later http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 5.9.5, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.56.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.14.0, with Lua 5.2.4, with GnuTLS 3.5.18, with Gcrypt 1.8.1, with MIT
Kerberos, with MaxMind DB resolver, without nghttp2, with LZ4, with Snappy, with
libxml2 2.9.4, with QtMultimedia, with SBC, with SpanDSP, without bcg729.
Running on Linux 4.15.0-20-generic, with Intel(R) Core(TM) i5-8250U CPU @
1.60GHz (with SSE4.2), with 985 MB of physical memory, with locale
LC_CTYPE=en_US.UTF-8, LC_NUMERIC=om_KE.UTF-8, LC_TIME=om_KE.UTF-8,
LC_COLLATE=en_US.UTF-8, LC_MONETARY=om_KE.UTF-8, LC_MESSAGES=en_US.UTF-8,
LC_PAPER=om_KE.UTF-8, LC_NAME=om_KE.UTF-8, LC_ADDRESS=om_KE.UTF-8,
LC_TELEPHONE=om_KE.UTF-8, LC_MEASUREMENT=om_KE.UTF-8,
LC_IDENTIFICATION=om_KE.UTF-8, with libpcap version 1.8.1, with GnuTLS 3.5.18,
with Gcrypt 1.8.1, with zlib 1.2.11, binary plugins supported (0 loaded).
Built using gcc 7.3.0.
Configure and start Wireshark
To capture packets as a normal user, add your user to the wireshark group. The new membership applies from your next login.
sudo usermod -a -G wireshark $USER
Then change the group and permissions of the dumpcap binary and grant it the capture capabilities:
sudo chgrp wireshark /usr/bin/dumpcap
sudo chmod 750 /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
Verify:
$ sudo getcap /usr/bin/dumpcap
/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
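A scripted version of the Verify step, as an added example that is not part of the original gist: audit_dumpcap checks the group, mode and capabilities set above, and additionally flags a setuid bit or extra capabilities, which goes beyond the single getcap check shown here. The function names are hypothetical, and audit_live assumes GNU stat and the getcap tool from libcap.

```shell
#!/bin/sh
# Added example (not from the gist): audit the dumpcap setup described above.
# audit_dumpcap MODE GROUP GETCAP_LINE
#   MODE        octal mode as printed by `stat -c %a` (e.g. 750)
#   GROUP       owning group as printed by `stat -c %G`
#   GETCAP_LINE one line of `getcap` output for the binary
# Prints one line per finding; returns 0 only if nothing is wrong.
audit_dumpcap() {
    local mode="$1" group="$2" line="$3" rc=0 spec names flags cap old_ifs
    [ "$group" = "wireshark" ] || { echo "FAIL: group is '$group', expected wireshark"; rc=1; }
    # Execute bit for "other" lets any local user run the capability-bearing binary.
    [ $(( 0$mode & 01 )) -eq 0 ] || { echo "FAIL: mode $mode lets users outside the group execute dumpcap"; rc=1; }
    # setuid is unnecessary once file capabilities are in place.
    [ $(( 0$mode & 04000 )) -eq 0 ] || { echo "FAIL: mode $mode has the setuid bit set"; rc=1; }
    # getcap prints "path = caps+eip" (older libcap) or "path caps=eip" (newer).
    spec=${line##* }
    names=${spec%[+=]*}
    flags=${spec##*[+=]}
    [ "$flags" = "eip" ] || { echo "FAIL: capability flags are '$flags', expected eip"; rc=1; }
    for cap in cap_net_raw cap_net_admin; do
        case ",$names," in
            *",$cap,"*) ;;
            *) echo "FAIL: $cap is not set"; rc=1 ;;
        esac
    done
    # Anything beyond the two capture capabilities is more privilege than the steps grant.
    old_ifs=$IFS; IFS=,
    for cap in $names; do
        case "$cap" in
            cap_net_raw|cap_net_admin) ;;
            *) echo "FAIL: unexpected capability $cap"; rc=1 ;;
        esac
    done
    IFS=$old_ifs
    return $rc
}

# Run the audit against the real binary (assumes GNU stat and libcap's getcap).
audit_live() {
    local bin="${1:-/usr/bin/dumpcap}"
    id -nG "$USER" | tr ' ' '\n' | grep -qx wireshark \
        || echo "WARN: $USER is not in the wireshark group (log in again after usermod)"
    audit_dumpcap "$(stat -c %a "$bin")" "$(stat -c %G "$bin")" "$(sudo getcap "$bin")"
}
```

Source the file and call audit_live on the host; no output and a zero exit status mean the binary matches the configuration from the steps above.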
Starting Wireshark
Wireshark can be launched from the CLI or from the applications launcher.
To start Wireshark from the GUI, search for wireshark and press Enter.
The same can be done from the command line by typing:
$ wireshark
To test packet capturing, select the interface to use and click the “Start capturing packets” button.
And boom! You now have Wireshark installed and working on your Ubuntu 18.04 / Ubuntu 16.04 Desktop machine.