This is our old Q&A Site. Please post any new questions and answers at

I have WinPCAP running on a number of machines. I have a couple other devices running Wireshark. I have remote capture working. This is being done so I don't increase too much load on the remote servers being monitored.

The problem is there is no way to save remote ports in Wireshark so I have to create them each time.

There is a way to use a command line to start Wireshark and map a remote port:

wireshark -i rpcap://hostname:2002/adaptername


What do I use for adaptername? In Linux it is something like eth0 but I must be missing something as I don't know of the Windows equivalent. Anyone know what that is? It is my hope to write a batch file and call the three to five remote adapters even if it means opening multiple Wireshark windows.

asked 19 Oct '16, 14:14

Jollyrgr's gravatar image

accept rate: 0%

The Windows equivalent is, in Windows 2000 and later, an ugly string including a GUID. There's no name that, like eth0, is likely to be the default interface.

And, unfortunately, there's no command-line way in Wireshark to say "give me a list of all the interfaces on a remote machine", so there really isn't a good way to find the name of the interface without running a command on the remote machine or starting up the Wireshark GUI and getting a list of the remote interfaces from the GUI.

permanent link

answered 19 Oct '16, 16:34

Guy%20Harris's gravatar image

Guy Harris ♦♦
accept rate: 19%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 19 Oct '16, 14:14

question was seen: 1,737 times

last updated: 19 Oct '16, 16:34

p​o​w​e​r​e​d by O​S​Q​A