Linux Wireshark Guide
Mattscreative edited this page Dec 5, 2025 · 2 revisions
A complete, beginner-friendly guide to Wireshark on Linux. It covers Arch Linux, CachyOS, and other distributions, and includes network packet analysis, traffic inspection, and network debugging.
Arch/CachyOS:
# Install Wireshark
sudo pacman -S wireshark-qt
# Or CLI version
sudo pacman -S wireshark-cli
Debian/Ubuntu:
sudo apt install wireshark
Fedora:
sudo dnf install wireshark
Configure permissions:
# Add user to wireshark group
sudo usermod -aG wireshark $USER
# Log out and back in
Start Wireshark:
# Launch GUI
wireshark
# Or CLI
tshark
Wireshark display:
- Top: Menu and toolbar
- Middle: Packet list
- Bottom: Packet details
Capture packets:
- Select interface
- Click Start
- View packets in real-time
- Stop when done
Configure capture:
- Interface: Select network interface
- Filter: Apply capture filter
- Options: Set capture options
View packet:
- Select packet
- View details in middle panel
- Inspect hex dump in bottom panel
Display filters:
# Filter by IP
ip.addr == 192.168.1.1
# Filter by port
tcp.port == 80
# Filter by protocol
http
Fix permissions:
# Add to wireshark group
sudo usermod -aG wireshark $USER
# Log out and back in
# Or use sudo (runs the GUI and every protocol dissector as root; prefer the group method)
sudo wireshark
This guide covered Wireshark installation, packet capture, and network analysis for Arch Linux, CachyOS, and other distributions.
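For the "Fix permissions" step, this added example (not part of the original guide) shows why the log-out is needed: `id -nG` reports the groups of the running session, while `id -nG "$USER"` reads the group database that `usermod` just changed. The function names are hypothetical, and it assumes the distribution's package restricts `dumpcap` to the `wireshark` group.

```shell
#!/bin/sh
# Diagnose non-root capture access after "usermod -aG wireshark $USER".

# has_group LIST NAME: succeed if NAME is a whole word in the space-separated LIST
has_group() {
    case " $1 " in
        *" $2 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# capture_status CONFIGURED_GROUPS SESSION_GROUPS [GROUP]
# Prints: ready | relogin | not-member
capture_status() {
    group=${3:-wireshark}
    if has_group "$2" "$group"; then
        echo ready            # this session already carries the group
    elif has_group "$1" "$group"; then
        echo relogin          # usermod worked, but the session predates it
    else
        echo not-member       # usermod has not been run for this user
    fi
}

check_capture_access() {
    user=$(id -un)
    configured=$(id -nG "$user")   # membership in the group database
    session=$(id -nG)              # membership of this running session
    status=$(capture_status "$configured" "$session")
    case $status in
        ready)      echo "OK: this session is in the wireshark group" ;;
        relogin)    echo "Group is set but the session is stale: log out and back in" ;;
        not-member) echo "Not a member: sudo usermod -aG wireshark $user" ;;
    esac
    # Wireshark and tshark capture through dumpcap; show who may execute it
    dumpcap=$(command -v dumpcap) || { echo "dumpcap not found"; return 1; }
    ls -l "$dumpcap"
    # File capabilities on dumpcap, if getcap is installed
    if command -v getcap >/dev/null 2>&1; then getcap "$dumpcap"; fi
    [ "$status" = ready ]
}

# Run the check only when asked: sh check.sh --check
if [ "${1:-}" = "--check" ]; then check_capture_access; fi
```

A `relogin` result means the group change is in place and `sudo wireshark` is not needed; a fresh login session picks it up.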
- tcpdump Guide - Command-line capture
- Network Utilities - Network tools
- Networking - Network setup
- Wireshark: https://www.wireshark.org/
This guide covers Arch Linux, CachyOS, and other Linux distributions. For distribution-specific details, refer to your distribution's documentation.