On this article we will discuss how to install and configure Wireshark 3.4.2 (the lastes stable version so far) on Ubuntu 20.04 LTS Linux Operating system.
Wireshark is a free and open-source network protocol analyzer. Previously known as Ethereal, Wireshark is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark is cross-platform, using the Qt widget toolkit in current releases to implement its user interface, and using pcap to capture packets. On this article we will discuss how to install and configure Wireshark 3.4.2 on Ubuntu 20.04 LTS operating system. We will use the last stable repository of Wireshark which was released on December 18, 2020.
Installing Wireshark on Ubuntu 20.04 LTS
The Wireshark installation will be consist of several steps as briefly explained below :
- Add The last Wireshark Stable Repository
- Installing Wireshark
- Configuring Wireshark
- Launch Wireshark
Add The last Wireshark Stable Repository
The first step of installing Wireshark is to add the last stable version, this can be obtained by submitting command line :
sudo add-apt-repository ppa:wireshark-dev/stable.
ramans@diginet-app02:~$ sudo add-apt-repository ppa:wireshark-dev/stable [sudo] password for ramans: Latest stable Wireshark releases back-ported from Debian package versions. Back-porting script is available at https://github.com/rbalint/pkg-wireshark-ubuntu-ppa From Ubuntu 16.04 you also need to enable "universe" repository, see: http://askubuntu.com/questions/148638/how-do-i-enable-the-universe-repository The packaging repository for Debian and Ubuntu is at: https://salsa.debian.org/debian/wireshark More info: https://launchpad.net/~wireshark-dev/+archive/ubuntu/stable Press [ENTER] to continue or Ctrl-c to cancel adding it.
Installing Wireshark 3.4.2
Before installing step, we have to update our Ubuntu system first to enable the last packages update on the system. This task can be obtained by submitting command line :
sudo apt update.
ramans@diginet-app02:~$ sudo apt update Hit:1 http://security.ubuntu.com/ubuntu focal-security InRelease Hit:2 http://us.archive.ubuntu.com/ubuntu focal InRelease Hit:3 http://us.archive.ubuntu.com/ubuntu focal-updates InRelease Hit:4 http://us.archive.ubuntu.com/ubuntu focal-backports InRelease Err:5 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu focal InRelease
The next step is submitting command line :
sudo apt -y install wireshark to install Wireshark 3.4.2 on the system.
ramans@diginet-app02:~$ sudo apt -y install wireshark Reading package lists… Done Building dependency tree Reading state information… Done The following packages were automatically installed and are no longer required: libeclipse-jdt-core-java libfprint-2-tod1 libllvm9 libtcnative-1 Use 'sudo apt autoremove' to remove them. The following additional packages will be installed: libc-ares2 libdouble-conversion3 libminizip1 libpcre2-16-0 libqt5core5a libqt5dbus5 libqt5gui5 libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5 libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5svg5 libqt5widgets5 libsmi2ldbl libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark14 libwiretap11 libwsutil12 libxcb-xinerama0 libxcb-xinput0 qt5-gtk-platformtheme qttranslations5-l10n wireshark-common wireshark-qt Suggested packages: qt5-image-formats-plugins qtwayland5 snmp-mibs-downloader geoipupdate geoip-database geoip-database-extra libjs-leaflet libjs-leaflet.markercluster wireshark-doc The following NEW packages will be installed: libc-ares2 libdouble-conversion3 libminizip1 libpcre2-16-0 libqt5core5a libqt5dbus5 libqt5gui5 libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5 libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5svg5 libqt5widgets5 libsmi2ldbl libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark14 libwiretap11 libwsutil12 libxcb-xinerama0 libxcb-xinput0 qt5-gtk-platformtheme qttranslations5-l10n wireshark wireshark-common wireshark-qt
Then we will be prompted by the dialog box as shown below. We select the <Yes> option to complete the installation.
After installation was done, then we verify it by querying its version, this task can be done by submitting command line :
wireshark --version, the result is as shown below.
ramans@diginet-app02:~$ wireshark --version Wireshark 3.4.2 (Git v3.4.2 packaged as 3.4.2-1~ubuntu20.04.0+wiresharkdevstable1) Copyright 1998-2020 Gerald Combs firstname.lastname@example.org and contributors. License GPLv2+: GNU GPL version 2 or later https://www.gnu.org/licenses/gpl-2.0.html This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled (64-bit) with Qt 5.12.8, with libpcap, with POSIX capabilities (Linux), with libnl 3, with GLib 2.64.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.13 and PKCS #11 support, with Gcrypt 1.8.5, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.40.0, with brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.10, with QtMultimedia, without automatic updates, with SpeexDSP (using system library). Running on Linux 5.8.0-36-generic, with Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz (with SSE4.2), with 7933 MB of physical memory, with locale en_US.UTF-8, with libpcap version 1.9.1 (with TPACKET_V3), with GnuTLS 3.6.13, with Gcrypt 1.8.5, with brotli 1.0.7, with zlib 1.2.11, binary plugins supported (0 loaded). Built using gcc 9.3.0.
On this section, we will configure accounts who could use Wireshark. For this purpose, we have to add account(s) to the wireshark group so that these users can use Wireshark. As our example we will add all user to be able to use Wireshark. To do this, we will submit the command line :
ramans@diginet-app02:~$ sudo usermod -a -G wireshark $USER [sudo] password for ramans: ramans@diginet-app02:~$ sudo chgrp wireshark /usr/bin/dumpcap ramans@diginet-app02:~$ sudo chmod 750 /usr/bin/dumpcap ramans@diginet-app02:~$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
Then verify it by submitting command line :
ramans@diginet-app02:~$ sudo getcap /usr/bin/dumpcap /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
After Wireshark installation and configuration was completed done, then we will launch the application. The Wireshark can be launched by searching on Ubuntu Application Manager or submit the ‘wireshark’ from the console.
Launching Wireshark through the Graphical User Interface (GUI) by opening the activities on the Ubuntu desktop. Search Wireshark then doubleclick the wireshark icon.
The second option is calling wireshark by submitting command line form the console :
The Wireshark first use is as follow :
On this article we have shown you how to install Wireshark version 3.4.2 on Ubuntu 20.04 LTS operating system successfully. For more detail about Wireshark can be discovered on Wireshark official web page.