I am trying to find a way to set the default capture options. I would like to have my capture by default stop capturing after 5MB. The default is curranly set to 1000KB. Is there a config file or enviroment variable that could be set to change the default capture options? This is for a Linux base box and i'm needing these changes for the GUI. asked 25 Sep '12, 12:35  Tektron |
2 Answers:
You can use the following, which will launch Wireshark and immediately begin capturing on interface For more information on Wireshark's command-line options, refer to the Wireshark man page or User Guide. answered 25 Sep '12, 13:38  cmaynard ♦♦ edited 25 Sep '12, 13:39 |
By default the preferences file for your user will be at: ~/.wireshark/preferences While the system defaults are at: /usr/share/wireshark/preferences If you got Wireshark from your dirstobutions repositories (through yum or apt-get or somesuch) then your user preferences may be in root's home (/root/.wireshark/preferences). The global prefs file may also be elsewhere, "$which wireshark" will give you a clue. The user prefs file will override (completely) the system prefs, same with the colorfilters files. The wireshark docs have more info on what can be adjusted in the prefs. answered 25 Sep '12, 17:59  CTNOBLE |
