$ cat /usr/share/doc/wireshark-common/README.Debian

I. Capturing packets with Wireshark/Tshark

There are two ways of installing Wireshark/Tshark on Debian:

I./a. Installing dumpcap without allowing non-root users to capture packets

Only root user will be able to capture packets. It is advised to capture
      packets with the bundled dumpcap program as root and then run
      Wireshark/Tshark as an ordinary user to analyze the captured logs. [2]

This is the default on Debian systems.
      
   I./b. Installing dumpcap and allowing non-root users to capture packets

Members of the wireshark group will be able to capture packets on network
      interfaces. This is the preferred way of installation if Wireshark/Tshark
      will be used for capturing and displaying packets at the same time, since
      that way only the dumpcap process has to be run with elevated(提高的) privileges
      thanks to the privilege separation[1].

Note that no user will be added to group wireshark automatically, the
      system administrator has to add them manually.

The additional privileges are provided using the Linux Capabilities
      system where it is available and resort(努力) to setting the set-user-id bit
      of the dumpcap binary as a fall-back, where the Linux Capabilities system
      is not present (Debian GNU/kFreeBSD, Debian GNU/Hurd).

Linux kernels provided by Debian support Linux Capabilities, but custom
      built kernels may lack this support. If the support for Linux
      Capabilities is not present at the time of installing wireshark-common
      package, the installer will fall back to set the set-user-id bit to
      allow non-root users to capture packets.

If installation succeeds with using Linux Capabilities, non-root users
      will not be able to capture packets while running kernels not supporting
      Linux Capabilities.

Note that capturing USB packets(USB网卡的数据包吗?) is not enabled for non-root users by using
      Linux Capabilities. You have to capture the packets using the method
      described in I./a., setting the set-user-id permanently using
      dpkg-statoverride or running Wireshark as root.

The installation method can be changed any time by running:
   dpkg-reconfigure wireshark-common

II. Installing SNMP MIBs

SNMP [4] OIDs can be decoded using MIBs provided by other packages.
    wireshark-common suggests snmp-mibs-downloader which package can be used to
    download a set of common MIBs Wireshark/Tshark tries to load at startup.

SNMP: 简单网络传输协议

OID:SNMP对象标识符

ubuntu 12.04 安装

$ sudo apt-get install snmp-mibs-downloader

    At the time of writing, MIBs are distributed under DFSG incompatible terms
    [5] thus snmp-mibs-downloader has to be in the non-free archive area.
    To keep wireshark in the main area [7], wireshark-common does not depend on
    or recommend snmp-mibs-downloader and as a result snmp-mibs-downloader is
    not installed automatically with wireshark.

To make Wireshark/Tshark able to decode OIDs, please install
    snmp-mibs-downloader manually.

To help Wireshark/Tshark to decode OIDs without having to install packages
    manually, please support the initiative of requesting additional rights
    from RFC authors [5].

[1] http://wiki.wireshark.org/Development/PrivilegeSeparation
   [2] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
   [3] https://blog.wireshark.org/2010/02/running-wireshark-as-you
   [4] http://wiki.wireshark.org/SNMP
   [5] http://wiki.debian.org/NonFreeIETFDocuments
   [6] http://www.debian.org/doc/debian-policy/ch-archive.html#s-non-free
   [7] http://www.debian.org/doc/debian-policy/ch-archive.html#s-main

随机推荐

  1. Ubuntu 16.04 以太坊开发环境搭建

    今天我们来一步一步从搭建以太坊智能合约开发环境. Ubuntu16.04 安装ubuntu16.04.下载链接 //先update一下(或者换国内源再update) sudo apt-get upda ...

  2. Flask 学习系列(三)---Jinjia2使用过滤器

    再Jinjia2中过滤器是一种转变变量输出内容的技术.··过滤器通过管道符号“|与变量链接,并且可以通过圆括号传递参数” .举例说明: {{my_variable|default('my_variab ...

  3. ECSHOP 商品增加新字段的方法

    在ecshop二次开发工作中,经常碰到一些ECSHOP高级使用者问我,如何给商品增加一个新字段,来录入一些新的内容. 下面我们结合ecshop后台“商品编辑”.“商品录入”来谈谈如何给ecshop商品 ...

  4. CSS3学习-用CSS制作立体导航栏

    <!doctype html> <html lang="en"> <head> <meta charset="UTF-8&quo ...

  5. 编译错误you should not run configure as root (set FORCE_UNSAFE_CONFIGURE=1 in environment to bypass this check)

    解决方法: export FORCE_UNSAFE_CONFIGURE=1

  6. RK3288开发过程中遇到的问题点和解决方法之Kernel

    修改背光改变区间 kernel\drivers\video\backlight\pwm_bl.c static int pwm_backlight_update_status(struct backl ...

  7. 使用java来压缩图片

    使用java来压缩图片,简单几句,清清爽爽 使用0.3的压缩比得到的结果如下(从2.8M压缩到268K,且图片的清晰度看不出明显差别): package carlspringtest; import ...

  8. Ecshop:ecshop nginx下实现url静态化

    1.在nginx/conf/tuwen.com.conf中添加: include ecshop.conf; 2.编辑nginx/ecshop.conf: location / { rewrite &q ...

  9. 系统有问题基本出在数据库上,web层无状态

    系统有问题基本出在数据库上,web层无状态.

  10. 51nod 1431 快乐排队

    题目来源: CodeForces 基准时间限制:1 秒 空间限制:131072 KB 分值: 80 难度:5级算法题  收藏  关注 有一群人在排队,如果某个人想排到前面去,可以花一元钱给直接站在他前 ...