Start capturing wireshark packets manually

saket107 · 04-19-2009, 02:03 PM

HI,

I am working on an assignment wherein I need to write TCL scripts to capture wireshark packets running on Windows XP.
To start the wireshark capture, one needs to open wireshark.exe and then go to capture->Interface->start.

Before writing script, I tried running manually. Below are the steps, I followed -

1) Open command prompt from start->Run and type cmd.
2) Go to path where executable of wireshark is stored( example - c:\program files\wireshark).
3) run wireshark.exe -i 192.168.1.2

Wireshark application is opened. But it does not start capturing the packets.

I think one needs to do something from the wireshark application and not from the MS-DOS. Can anyone tell me how to start wireshark capture from MS-DOS?

Can anyone also suggest me some other way to start capturing wireshark packets without manually doing it.

Thanks,
saket

**lorjack** · 04-19-2009, 03:58 PM

Can't help with homework

**Cellus** · 04-22-2009, 05:14 PM

While we typically do not assist with homework, showing how to use the command line to run Wireshark is okay in this case. As for interpreting the captured traffic, that's another story.

Add the -k option to start the capture.

eg: wireshark.exe -i 192.168.1.2 -k

I suggest you take a look at the Wireshark documentation for details on running Wireshark from the command line for more information:

http://www.wireshark.org/docs/wsug_h...ustCommandLine

saket107 · 04-26-2009, 01:56 PM

Thanks for your help. This works!!!

I am working on a project where I was stuck while running wireshark. Its definitely not a home work.

04-19-2009, 02:03 PM	#1 (permalink)
saket107 Registered User Join Date: Apr 2009 Posts: 3 OS: Windows XP	Start capturing wireshark packets manually HI, I am working on an assignment wherein I need to write TCL scripts to capture wireshark packets running on Windows XP. To start the wireshark capture, one needs to open wireshark.exe and then go to capture->Interface->start. Before writing script, I tried running manually. Below are the steps, I followed - 1) Open command prompt from start->Run and type cmd. 2) Go to path where executable of wireshark is stored( example - c:\program files\wireshark). 3) run wireshark.exe -i 192.168.1.2 Wireshark application is opened. But it does not start capturing the packets. I think one needs to do something from the wireshark application and not from the MS-DOS. Can anyone tell me how to start wireshark capture from MS-DOS? Can anyone also suggest me some other way to start capturing wireshark packets without manually doing it. Thanks, saket

04-19-2009, 03:58 PM	#2 (permalink)
lorjack TSF Enthusiast Join Date: Nov 2007 Location: Planet Earth Posts: 2,205 OS: Windows 2K, XP Pro sp3, Windows Vista, Windows 7, Ubuntu	Re: Start capturing wireshark packets manually Can't help with homework

04-22-2009, 05:14 PM	#3 (permalink)
Cellus Moderator Networking Team Join Date: Aug 2006 Location: Canada Posts: 2,664 OS: Windows Vista Business SP1, Windows XP Professional SP3 My System	Re: Start capturing wireshark packets manually While we typically do not assist with homework, showing how to use the command line to run Wireshark is okay in this case. As for interpreting the captured traffic, that's another story. Add the -k option to start the capture. eg: wireshark.exe -i 192.168.1.2 -k I suggest you take a look at the Wireshark documentation for details on running Wireshark from the command line for more information: http://www.wireshark.org/docs/wsug_h...ustCommandLine __________________ TSF Networking Team Virus/Trojan/Spyware Removal Help Donate!

04-26-2009, 01:56 PM	#4 (permalink)
saket107 Registered User Join Date: Apr 2009 Posts: 3 OS: Windows XP	Re: Start capturing wireshark packets manually Thanks for your help. This works!!! I am working on a project where I was stuck while running wireshark. Its definitely not a home work.