by WastedHat » Tue Jun 28, 2016 10:28 am
Hi, does anyone know how to monitor traffic on the Pi over a remote connection with the Wireshark GUI?
So far I’ve tried using the native X window server on OSX with
ssh -l pi -X then wireshark, which opens Wireshark in OSX however there are no capture interfaces available and the funcationality isnt all there. I also get the an error in terminal which is a known bug but I’m not sure how it relates to wireshark not working properly.
“** (wireshark:1367): WARNING **: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files”
I also tried ssh -l pi ‘tshark -f “port !22″ -w -’ | wireshark -k -i - but no luck, I only get the local interfaces on my Mac.
I’m using Tshark for now but I would prefer the GUI. Thanks for any help.
———————————————— ———————————————— ————————————————
by Romonga » Tue Jun 28, 2016 11:45 am
Try gksudo wireshark after you ssh in with the -X option.
———————————————— ———————————————— ————————————————
by WastedHat » Tue Jun 28, 2016 4:07 pm
Thanks for your reply. I tried what you suggested and it loads wireshark with the correct interfaces but it throws up a few warnings about running wireshark as root, as soon as I close the warnings wireshark quits with an error message.
(wireshark:2004): Gdk-WARNING **: wireshark: Fatal IO error 11 (Resource temporarily unavailable) on X server localhost:10.0.
I followed this … -on-debian
to run wireshark without root and it opens without the warnings with the correct interfaces however when I click anything on the GUI it closes with the same error.
I’ll just stick with Tshark for now and FTP the packet capture if I really need the GUI. Would be nice to have it live.
———————————————— ———————————————— ————————————————
by WastedHat » Tue Jun 28, 2016 4:08 pm
Forgot to add that I’m running Raspbian and its updated.
———————————————— ———————————————— ————————————————
by Romonga » Tue Jun 28, 2016 5:59 pm
WastedHat wrote:Forgot to add that I’m running Raspbian and its updated.
When you installed it. Did you do an sudo apt-get install wireshark ?