• 快捷键
• The Menu
• The main toolbar
• The filter menu
• The “packet List” pane
• The “packet detailes “ pane
• Starting Capture

快捷键

快捷键

The Menu

First, you have to understand it: in wireshark, the packet is very important concept.Above, items of menu have File,Edit, View, Go,Capture,Analyze and they use packets(born from TCP/IP) except file.

The main toolbar

The filter menu

The “packet List” pane

Each line in the packet list corresponds to one packet in the capture file, if you select a line in this pane, more details will be displayed in the “packet pane” and “Packet Bytes” panes.

The picture is very happy:

The “packet detailes “ pane

…

Starting Capture

wireshark -i eth0 -k

This will start Wireshark capturing on interface eth0.

Or you click “Capture” -> “Options”, which short key is ctrl + k. You can add it and linux command ifconfig into to test.

So, my eth0 is called ‘enp1s0’