To start capturing traffic in Wireshark, follow these steps:
-
Open Wireshark: Launch the application by typing
wiresharkin your terminal and pressing Enter. -
Select Network Interface: In the main interface, you'll see a list of available network interfaces. Click on the interface you want to monitor (e.g.,
eth1). -
Start Capturing Packets: Click the
Start capturing packetsbutton, represented by a blue shark fin icon in the toolbar. This will begin capturing all network packets passing through the selected interface. -
Generate Traffic: To capture some traffic, you can use a command like
curlin a terminal to generate network activity. -
Stop Capturing: After capturing for a desired duration, click the
Stop capturing packetsbutton (red square icon) to stop the capture. -
Save Captured Traffic: Go to the
Filemenu and selectSave, or pressCtrl+Sto save the captured packets for future analysis.
Now you are ready to analyze the captured network traffic!
