Hi, does anyone know how to monitor traffic on the Pi over a remote connection with the Wireshark GUI?
So far I've tried using the native X window server on OSX with
ssh -l pi -X 192.168.1.170 then wireshark, which opens Wireshark in OSX however there are no capture interfaces available and the funcationality isnt all there. I also get the an error in terminal which is a known bug but I'm not sure how it relates to wireshark not working properly.
"** (wireshark:1367): WARNING **: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files"
I also tried ssh -l pi 192.168.1.170 'tshark -f "port !22" -w -' | wireshark -k -i - but no luck, I only get the local interfaces on my Mac.
I'm using Tshark for now but I would prefer the GUI. Thanks for any help.
Re: Wireshark remote monitoring with GUI
Try gksudo wireshark after you ssh in with the -X option.
You can run, but you will only die tired.
Re: Wireshark remote monitoring with GUI
Thanks for your reply. I tried what you suggested and it loads wireshark with the correct interfaces but it throws up a few warnings about running wireshark as root, as soon as I close the warnings wireshark quits with an error message.
(wireshark:2004): Gdk-WARNING **: wireshark: Fatal IO error 11 (Resource temporarily unavailable) on X server localhost:10.0.
I followed this http://superuser.com/questions/319865/h ... -on-debian
to run wireshark without root and it opens without the warnings with the correct interfaces however when I click anything on the GUI it closes with the same error.
I'll just stick with Tshark for now and FTP the packet capture if I really need the GUI. Would be nice to have it live.
(wireshark:2004): Gdk-WARNING **: wireshark: Fatal IO error 11 (Resource temporarily unavailable) on X server localhost:10.0.
I followed this http://superuser.com/questions/319865/h ... -on-debian
to run wireshark without root and it opens without the warnings with the correct interfaces however when I click anything on the GUI it closes with the same error.
I'll just stick with Tshark for now and FTP the packet capture if I really need the GUI. Would be nice to have it live.
Re: Wireshark remote monitoring with GUI
Forgot to add that I'm running Raspbian and its updated.
Re: Wireshark remote monitoring with GUI
When you installed it. Did you do an sudo apt-get install wireshark ?WastedHat wrote:Forgot to add that I'm running Raspbian and its updated.
You can run, but you will only die tired.
Re: Wireshark remote monitoring with GUI
Did you happen to read through the Wireshark Wiki, especially this part? https://wiki.wireshark.org/CaptureSetup
Ren: Now listen, Cadet. I've got a job for you. See this button? Ren: Don't touch it! It's the History Eraser button, you fool! Stimpy: So what'll happen? Ren: That's just it. We don't know. Maybe something bad, maybe something good.
Re: Wireshark remote monitoring with GUI
YesRomonga wrote:When you installed it. Did you do an sudo apt-get install wireshark ?WastedHat wrote:Forgot to add that I'm running Raspbian and its updated.
Re: Wireshark remote monitoring with GUI
I had a quick read through but I don't have time to explore the links in detail. It runs ok locally on the Pi, it's just being temperamental when I try to get the GUI over SSH.broe23 wrote:Did you happen to read through the Wireshark Wiki, especially this part? https://wiki.wireshark.org/CaptureSetup
Re: Wireshark remote monitoring with GUI
I also had issues running the GUI over ssh. gksudo solved that issue for me. I understand you did try it and it failed.WastedHat wrote:I had a quick read through but I don't have time to explore the links in detail. It runs ok locally on the Pi, it's just being temperamental when I try to get the GUI over SSH.broe23 wrote:Did you happen to read through the Wireshark Wiki, especially this part? https://wiki.wireshark.org/CaptureSetup
You can run, but you will only die tired.