SHARE
TWEET

/usr/share/doc/wireshark-common/README.Debian

a guest Jun 14th, 2011 22,096 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. I. Capturing packets with Wireshark/Tshark
  2.  
  3.    There are two ways of installing Wireshark/Tshark on Debian:
  4.  
  5.    I./a. Installing dumpcap without allowing non-root users to capture packets
  6.  
  7.       Only root user will be able to capture packets. It is advised to capture
  8.       packets with the bundled dumpcap program as root and then run
  9.       Wireshark/Tshark as an ordinary user to analyze the captured logs. [2]
  10.  
  11.       This is the default on Debian systems.
  12.      
  13.    I./b. Installing dumpcap and allowing non-root users to capture packets
  14.  
  15.       Members of the wireshark group will be able to capture packets on network
  16.       interfaces. This is the preferred way of installation if Wireshark/Tshark
  17.       will be used for capturing and displaying packets at the same time, since
  18.       that way only the dumpcap process has to be run with elevated privileges
  19.       thanks to the privilege separation[1].
  20.  
  21.       Note that no user will be added to group wireshark automatically, the
  22.       system administrator has to add them manually.
  23.  
  24.       The additional privileges are provided using the Linux Capabilities
  25.       system where possible or using the set-user-id bit, where the Linux
  26.       Capabilities are not present (Debian GNU/kFreeBSD, Debian GNU/Hurd).
  27.  
  28.       Linux kernels provided by Debian support Linux Capabilities, but custom
  29.       built kernels may lack this support. If the support for Linux
  30.       Capabilities is not present at the time of installing wireshark-common
  31.       package, the installer will fall back to set the set-user-id bit to
  32.       allow non-root users to capture packets.
  33.  
  34.       If installation succeeds with using Linux Capabilities, non-root users
  35.       will not be able to capture packets while running kernels not supporting
  36.       Linux Capabilities.
  37.  
  38.      
  39.    The installation method can be changed any time by running:
  40.    dpkg-reconfigure wireshark-common
  41.  
  42.  
  43. II. Installing SNMP MIBs
  44.  
  45.     SNMP [4] OIDs can be decoded using MIBs provided by other packages.
  46.     wireshark-common suggests snmp-mibs-downloader which package can be used to
  47.     download a set of common MIBs Wireshark/Tshark tries to load at startup.
  48.  
  49.     At the time of writing, MIBs are distributed under DFSG incompatible terms
  50.     [5] thus snmp-mibs-downloader has to be in the non-free archive area.
  51.     To keep wireshark in the main area [7], wireshark-common does not depend on
  52.     or recommend snmp-mibs-downloader and as a result snmp-mibs-downloader is
  53.     not installed automatically with wireshark.
  54.  
  55.     To make Wireshark/Tshark able to decode OIDs, please install
  56.     snmp-mibs-downloader manually.
  57.  
  58.     To help Wireshark/Tshark to decode OIDs without having to install packages
  59.     manually, please support the initiative of requesting additional rights
  60.     from RFC authors [5].
  61.  
  62.  
  63.    [1] http://wiki.wireshark.org/Development/PrivilegeSeparation
  64.    [2] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
  65.    [3] https://blog.wireshark.org/2010/02/running-wireshark-as-you
  66.    [4] http://wiki.wireshark.org/SNMP
  67.    [5] http://wiki.debian.org/NonFreeIETFDocuments
  68.    [6] http://www.debian.org/doc/debian-policy/ch-archive.html#s-non-free
  69.    [7] http://www.debian.org/doc/debian-policy/ch-archive.html#s-main
RAW Paste Data
Pastebin PRO Autumn Special!
Get 40% OFF on Pastebin PRO accounts!
Top