THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question

Revision history  [back]

Revision 1
Jaap's avatar
13.7k
Jaap
answered 2022-08-28 04:58:55 +0000

You've created a situation in which you've installed Wireshark deb packages from the distribution and build and installed Wireshark from source. Even though this is possible one has to be aware of what programs you run when using the various tools.

Depending on the composition of your PATH environment variable in your shell running tshark may either run the deb package installed one, or your own locally build and installed one.

Running sudo dpkg-reconfigure wireshark-common has only effect on the deb package installed Wireshark programs, not the locally build and installed dumpcap.

Setting the capabilities directly on the locally build and installed dumpcap does solve the underlying problem for the locally build and installed tshark.