This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

interface monitor mode

0

Under 'mon-mode', WS had both of my interfaces (AR9271 @ wlan0 | BCM4322 @ wlan1) labeled 'disabled', although only one (wlan0) had the capability. After closing WS I took wlan0 down and changed it to monitor mode using 'ifconfig' and 'iwconfig' from the terminal. I expected wlan0 to have a different status, but now it is not in the interface list. Even after a reboot (and changing wlan0 to monitor mode again) WS still does not have it on the list. After closing the program again, I ran the following line in the terminal:

$ sudo airmon-ng start wlan0

When running WS again, wlan0 was still absent from the list, but now the interface 'mon0' is in it, even though it has the same 'disabled' as its 'mon-mode' status. When setting up WS I used the following command lines to set the appropriate capture privileges for all users:

$  sudo groupadd wireshark
$  sudo usermod -a -G wireshark $USER
$  sudo chgrp wireshark /usr/bin/dumpcap
$  sudo chmod 755 /usr/bin/dumpcap
$  sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

If this is not a normal outcome, I suspect that I either missed something in the privilege setup or need to configure some new link-layer header that I have yet to understand. Can someone please advise? Thank you.

asked 16 Jan '17, 08:45

harayz

Is the interface up? The description seems to indicate you took it down with ifconfig, did you bring it back up? Also turn off the network manager if you have not already done so.

$ sudo ifconfig wlan0 up

You can do all of this manually, which you may have to do. The iw command provides all the configuration capability.

Just as a test, run wireshark as root. See if you get a behavior change.

(16 Jan '17, 09:52) Bob Jones

@Bob Jones: I would rather not have you recommend running Wireshark as root. People will take it as a solution, while it is a problem. Use the right tool and build from the ground up. As in this case, run dumpcap from the command line and see what it says, then step up to tshark, then Wireshark.

(16 Jan '17, 13:30) Jaap ♦
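
Following the ground-up approach suggested in the comment above, this added example (not part of the original thread and not Wireshark project code) audits the dumpcap permission setup from the question before moving on to `dumpcap -D`. The function name `audit_dumpcap`, its finding labels and the sample group list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the dumpcap privilege setup from the question.
# audit_dumpcap MODE GROUP CAPS SESSION_GROUPS
#   MODE            octal mode, e.g. from: stat -c %a /usr/bin/dumpcap
#   GROUP           owning group, from:    stat -c %G /usr/bin/dumpcap
#   CAPS            output of:             getcap /usr/bin/dumpcap
#   SESSION_GROUPS  groups of this login session, from: id -nG
# Prints one finding per line; returns 0 when nothing is flagged.
audit_dumpcap() (
    mode=$1 group=$2 caps=$3 session_groups=$4 rc=0
    want=wireshark                       # group name used in the question

    for cap in cap_net_raw cap_net_admin; do
        case $caps in
            *"$cap"*) ;;
            *) echo "MISSING-CAP $cap"; rc=1 ;;
        esac
    done
    # The capability set must be effective and permitted (+ep, +eip, =eip).
    case $caps in
        *[+=]e*p*) ;;
        *) echo "CAPS-NOT-EFFECTIVE"; rc=1 ;;
    esac
    [ "$group" = "$want" ] || { echo "WRONG-GROUP $group"; rc=1; }
    # File capabilities go to anyone who may execute the file, so a
    # world-execute bit (e.g. 755) makes the group restriction meaningless.
    case ${mode#"${mode%?}"} in
        1|3|5|7) echo "WORLD-EXEC mode $mode lets every local user capture"; rc=1 ;;
    esac
    # usermod -a -G only applies to login sessions started afterwards.
    case " $session_groups " in
        *" $want "*) ;;
        *) echo "SESSION-NOT-IN-GROUP log out and back in"; rc=1 ;;
    esac
    exit "$rc"
)

f=/usr/bin/dumpcap                       # path used in the question
if [ "${1:-}" = --live ] && [ -e "$f" ]; then
    audit_dumpcap "$(stat -c %a "$f")" "$(stat -c %G "$f")" \
        "$(getcap "$f")" "$(id -nG)" && echo "setup looks consistent"
    "$f" -D                              # list the interfaces dumpcap can open
else
    # Constructed sample mirroring the commands in the question, as seen
    # from a shell opened before the usermod call (constructed group list).
    audit_dumpcap 755 wireshark \
        "/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip" "alice adm sudo" || true
fi
```

With mode 750 instead of 755, only the file's owner and members of the wireshark group can execute dumpcap and so receive its capabilities.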