Latest revision as of 08:09, 30 May 2011

Description

This test case tests the ability of Wireshark to capture and analyze network traffic.

Add the current user <username> to wireshark group: su -c 'usermod -a -G wireshark <username>'
Start capturing network traffic on eth0: wireshark -i eth0 -k
Do some network activities, like go to some websites, ssh/ping a remote host.
Stop capturing traffic.
Save file as: /tmp/test.pcap
Close Wireshark
Open the saved file with Wireshark: wireshark /tmp/test.pcap
Try to use the Filter eg: filter by HTTP, SSH etc...
Try to use Follow TCP stream functionality.
Close Wireshark

@@ Line 4: / Line 4: @@
 # Ensure the {{package|wireshark}}, {{package|wireshark-gnome}} packages are installed.
 |actions=
-# Add the current user to wireshark group: {{command|su -c 'usermod -a -G wireshark <username>'}}
+# Add the current user <username> to wireshark group: {{command|su -c 'usermod -a -G wireshark <username>'}}
 # Start capturing network traffic on '''eth0''': {{command|wireshark -i eth0 -k}}
-# Do some network activities, like go to some website, ssh/ping a remote host.
+# Do some network activities, like go to some websites, ssh/ping a remote host.
 # Stop capturing traffic.
 # Save file as: {{command|/tmp/test.pcap}}
@@ Line 17: / Line 17: @@
 |results=
 # You should see Wireshark capturing packets.
-# Filer and Follow TCP stream should work.
+# Wireshark should be able to save/open the file.
+# Filter and Follow TCP stream should work.
 # Wireshark should works as expected without crashes.
 }}