How To Install Wireshark On Ubuntu 20.04 LTS

On this short tutorial, we will discuss how to install Wireshark 3.4.2 (the lastes stable version so far) on Ubuntu 20.04 LTS Linux Operating system.

Introduction

Wireshark is a free and open-source network protocol analyzer. Previously known as Ethereal, Wireshark is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark is cross-platform, using the Qt widget toolkit in current releases to implement its user interface, and using pcap to capture packets; it runs on Linux, macOS, BSD, Solaris, some other Unix-like operating systems, and Microsoft Windows. There is also a terminal-based (non-GUI) version called TShark.

WireShark Installation On Ubuntu 20.04 LTS

The WireShark installation will be consist of several steps as mentioned below :

  • Add The Wireshark Stable Repository
  • Install Wireshark
  • Configure Wireshark
  • Launch Wireshark

The installation process will be discussed in more detail in the sub-chapter below.

1. Add The Wireshark Stable Repository

On this stage, we will add Wireshark stable repository to our Ubuntu System. For this purpose we will submit the following command line :

$ sudo add-apt-repository ppa:wireshark-dev/stable

The output will be :

ramans@diginet-app02:~$ sudo add-apt-repository ppa:wireshark-dev/stable
[sudo] password for ramans: 
 Latest stable Wireshark releases back-ported from Debian package versions.

Back-porting script is available at https://github.com/rbalint/pkg-wireshark-ubuntu-ppa

From Ubuntu 16.04 you also need to enable "universe"  repository, see:
http://askubuntu.com/questions/148638/how-do-i-enable-the-universe-repository

The packaging repository for Debian and Ubuntu is at: https://salsa.debian.org/debian/wireshark
 More info: https://launchpad.net/~wireshark-dev/+archive/ubuntu/stable
Press [ENTER] to continue or Ctrl-c to cancel adding it.
. . .
Fetched 6,630 kB in 12s (576 kB/s)                                                                   
Reading package lists... Done

Then we will update our repository, by submitting command line :

$ sudo apt update

2. Install Wireshark

After all are set, then we will install Wireshark on our Ubuntu 20.04 system by submitting command line :

$ sudo apt -y install wireshark

Output :

ramans@diginet-app02:~$ sudo apt -y install wireshark
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libeclipse-jdt-core-java libfprint-2-tod1 libllvm9 libtcnative-1
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
  libc-ares2 libdouble-conversion3 libminizip1 libpcre2-16-0 libqt5core5a libqt5dbus5 libqt5gui5
  libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5
  libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5svg5 libqt5widgets5 libsmi2ldbl
  libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark14 libwiretap11 libwsutil12
  libxcb-xinerama0 libxcb-xinput0 qt5-gtk-platformtheme qttranslations5-l10n wireshark-common
  wireshark-qt
Suggested packages:
  qt5-image-formats-plugins qtwayland5 snmp-mibs-downloader geoipupdate geoip-database
  geoip-database-extra libjs-leaflet libjs-leaflet.markercluster wireshark-doc
The following NEW packages will be installed:
  libc-ares2 libdouble-conversion3 libminizip1 libpcre2-16-0 libqt5core5a libqt5dbus5 libqt5gui5
  libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5 libqt5multimediawidgets5
  libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5svg5 libqt5widgets5 libsmi2ldbl
  libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark14 libwiretap11 libwsutil12
  libxcb-xinerama0 libxcb-xinput0 qt5-gtk-platformtheme qttranslations5-l10n wireshark
  wireshark-common wireshark-qt
0 upgraded, 31 newly installed, 0 to remove and 63 not upgraded.
Need to get 16.1 MB/34.0 MB of archives.
After this operation, 169 MB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/wireshark-dev/stable/ubuntu focal/main amd64 libwsutil12 amd64 3.4.2-1~ubuntu20.04.0+wiresharkdevstable1 [96.9 kB]
Get:2 http://ppa.launchpad.net/wireshark-dev/stable/ubuntu focal/main amd64 libwireshark14 amd64 3.4.2-1~ubuntu20.04.0+wiresharkdevstable1 [15.9 MB]
Get:3 http://ppa.launchpad.net/wireshark-dev/stable/ubuntu focal/main amd64 wireshark amd64 3.4.2-1~ubuntu20.04.0+wiresharkdevstable1 [44.8 kB]
Fetched 16.1 MB in 16s (1,013 kB/s)                                                                  
Extracting templates from packages: 100%
Preconfiguring packages ...
. . .
Package configuration

On this installation, we will be prompted to enable root privilege to other user. By default the status is disable, by pressing ‘Yes’ we will confirm to give other user account to have root privilege.

Using Wireshark for non root user confirmation

After installation was completed done, then we will check Wireshark version by submitting command line :

$ wireshark --version

Output :

ramans@diginet-app02:~$ wireshark --version
Wireshark 3.4.2 (Git v3.4.2 packaged as 3.4.2-1~ubuntu20.04.0+wiresharkdevstable1)

Copyright 1998-2020 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.12.8, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.64.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.15.0, with Lua 5.2.4, with GnuTLS 3.6.13 and PKCS #11 support, with Gcrypt
1.8.5, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.40.0, with
brotli, with LZ4, with Zstandard, with Snappy, with libxml2 2.9.10, with
QtMultimedia, without automatic updates, with SpeexDSP (using system library).

Running on Linux 5.8.0-36-generic, with Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
(with SSE4.2), with 7933 MB of physical memory, with locale en_US.UTF-8, with
libpcap version 1.9.1 (with TPACKET_V3), with GnuTLS 3.6.13, with Gcrypt 1.8.5,
with brotli 1.0.7, with zlib 1.2.11, binary plugins supported (0 loaded).

Built using gcc 9.3.0.

On this section, we will configure accounts who could use Wireshark. For this purpose, we have to add account(s) to the Wireshark group so that these users can use Wireshark. As our example we will add all user to be able to user Wireshark. To do this, we will submit the command line :


You must add a username to the Wireshark group so that this user can use Wireshark. To do this, execute the following command, adding your required username after “wireshark” in the command.

3. Configure Wireshark

On this stage, we will configure a new non root user system to be able to use Wireshark. For this purpose we will create a new user and give him a privilege to be able to run Wireshark.

ramans@diginet-app02:~$ sudo usermod -a -G wireshark $USER
[sudo] password for ramans: 
ramans@diginet-app02:~$ sudo chgrp wireshark /usr/bin/dumpcap
ramans@diginet-app02:~$ sudo chmod 750 /usr/bin/dumpcap
ramans@diginet-app02:~$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
ramans@diginet-app02:~$ sudo getcap /usr/bin/dumpcap
/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip

4. Launch Wireshark Monitoring Tools

There are two options for running the Wireshark application on Ubuntu, namely: via the terminal/konsole or through the Graphical User Interface (GUI).

By using terminal or console, we will submit the command line :

$ wireshark

By using the GUI desktop, we just search Wireshark application, and double click it to launch. The application can be seen as shown below.

Launching Wireshark for the first use on Ubuntu 20.04
Launching Wireshark for the first use on Ubuntu 20.04

Conclusion

On this short tutorial, we have learn how to install Wireshark, a Network Analyzer tools on Ubuntu 20.04 operating system. I hope this article could be helpful.

Add a Comment

Your email address will not be published.