$ cat /usr/share/doc/wireshark-common/README.Debian

I. Capturing packets with Wireshark/Tshark

There are two ways of installing Wireshark/Tshark on Debian:

I./a. Installing dumpcap without allowing non-root users to capture packets

Only root user will be able to capture packets. It is advised to capture
      packets with the bundled dumpcap program as root and then run
      Wireshark/Tshark as an ordinary user to analyze the captured logs. [2]

This is the default on Debian systems.
      
   I./b. Installing dumpcap and allowing non-root users to capture packets

Members of the wireshark group will be able to capture packets on network
      interfaces. This is the preferred way of installation if Wireshark/Tshark
      will be used for capturing and displaying packets at the same time, since
      that way only the dumpcap process has to be run with elevated(提高的) privileges
      thanks to the privilege separation[1].

Note that no user will be added to group wireshark automatically, the
      system administrator has to add them manually.

The additional privileges are provided using the Linux Capabilities
      system where it is available and resort(努力) to setting the set-user-id bit
      of the dumpcap binary as a fall-back, where the Linux Capabilities system
      is not present (Debian GNU/kFreeBSD, Debian GNU/Hurd).

Linux kernels provided by Debian support Linux Capabilities, but custom
      built kernels may lack this support. If the support for Linux
      Capabilities is not present at the time of installing wireshark-common
      package, the installer will fall back to set the set-user-id bit to
      allow non-root users to capture packets.

If installation succeeds with using Linux Capabilities, non-root users
      will not be able to capture packets while running kernels not supporting
      Linux Capabilities.

Note that capturing USB packets(USB网卡的数据包吗?) is not enabled for non-root users by using
      Linux Capabilities. You have to capture the packets using the method
      described in I./a., setting the set-user-id permanently using
      dpkg-statoverride or running Wireshark as root.

The installation method can be changed any time by running:
   dpkg-reconfigure wireshark-common

II. Installing SNMP MIBs

SNMP [4] OIDs can be decoded using MIBs provided by other packages.
    wireshark-common suggests snmp-mibs-downloader which package can be used to
    download a set of common MIBs Wireshark/Tshark tries to load at startup.

SNMP: 简单网络传输协议

OID:SNMP对象标识符

ubuntu 12.04 安装

$ sudo apt-get install snmp-mibs-downloader

    At the time of writing, MIBs are distributed under DFSG incompatible terms
    [5] thus snmp-mibs-downloader has to be in the non-free archive area.
    To keep wireshark in the main area [7], wireshark-common does not depend on
    or recommend snmp-mibs-downloader and as a result snmp-mibs-downloader is
    not installed automatically with wireshark.

To make Wireshark/Tshark able to decode OIDs, please install
    snmp-mibs-downloader manually.

To help Wireshark/Tshark to decode OIDs without having to install packages
    manually, please support the initiative of requesting additional rights
    from RFC authors [5].

[1] http://wiki.wireshark.org/Development/PrivilegeSeparation
   [2] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
   [3] https://blog.wireshark.org/2010/02/running-wireshark-as-you
   [4] http://wiki.wireshark.org/SNMP
   [5] http://wiki.debian.org/NonFreeIETFDocuments
   [6] http://www.debian.org/doc/debian-policy/ch-archive.html#s-non-free
   [7] http://www.debian.org/doc/debian-policy/ch-archive.html#s-main

随机推荐

  1. Java 多线程概念

    1.为什么要使用多线程: 更多的处理器核心. 更快的响应时间. 更好的变成模型. 2.线程的优先级: 现代操作系统基本采用时分的形式调度运行的线程,操作系统会分出一个个的时间片,线程会分配到若干时间片 ...

  2. A. Arya and Bran

    A. Arya and Bran time limit per test 1 second memory limit per test 256 megabytes input standard inp ...

  3. 在MVC中使用dotless后台动态解析LESSCSS的学习笔记

    通过学习LessCSS,我们知道,Less是需要通过编译才能生成 .css 文件,主要使用三种方式进行编译: 1)使用第三方编译工具,在项目发布前编译好放在项目中. 2)在浏览器端解析执行,需要引用  ...

  4. Bootcamp Win10蓝牙鼠标的问题

    运行services.msc找到Bluetooth support service 把启动类型从手动改为自动 重新连接蓝牙鼠标

  5. B/S架构 C/S架构 SOA架构

    一.什么是C/S和B/S 第一.什么是C/S结构.C/S (Client/Server)结构,即大家熟知的客户机和服务器结构.它是软件系统体系结构,通过它可以充分利用两端硬件环境的优势,将任务合理分配 ...

  6. HTML5:使用postMessage实现Ajax跨域请求

    HTML5:使用postMessage实现Ajax跨域请求 由于同源策略的限制,Javascript存在跨域通信的问题,典型的跨域问题有iframe与父级的通信等. 常规的几种解决方法: (1) do ...

  7. 织梦修改“dedecms提示信息”

    1.根目录下include文件夹,找到common.func.php: 2.根目录下dede文件夹(管理目录默认dede),找到sys_data_done.php: 3.打开以上2个.php文件,把“ ...

  8. ajax提交表单无法验证easyui的验证选项(比如required等)

    在实际开发中,遇到ajax方式提交表单没法验证easyui的验证选项,这对实际用户体验造成了很大的困扰.当然,这也是理所当然的事情.   解决办法:使用jquery中ajax的beforeSend事件 ...

  9. jsp另外五大内置对象之config

    //配置web.xml <?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi=&q ...

  10. ZOJ 3471 Most Powerful (状压DP,经典)

    题意: 有n个原子,每当两个原子碰撞时就会产生能量,并且消耗其中一个原子.已知每两个原子碰撞时消耗其中指定一个原子所产生的能量,问最多能产生多少能量? 思路: 一开始以为是找一个有序序列,使得能量最大 ...