Wireshark

Wireshark is a widely used network protocol analyzer that lets you see what’s happening on a network at a microscopic level.

Installation

Wireshark can be installed either from the Software Center or via the terminal:

sudo eopkg it wireshark

Use Wireshark as a non-root user

For security reasons, running Wireshark as root is strongly discouraged. To capture packets as a non-root user, add your user to the wireshark group and set the capture capabilities on dumpcap:

sudo gpasswd -a $USER wireshark
sudo setcap cap_dac_override,cap_net_admin,cap_net_raw+eip /usr/bin/dumpcap
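
An added example (not part of the original page): a shell script that checks the result of the two commands above, accepting both getcap output formats. It assumes dumpcap is installed as root:wireshark with mode 750; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: audits the non-root capture setup. Function names are made up here.
DUMPCAP=${DUMPCAP:-/usr/bin/dumpcap}                # path used on this page
WANT="cap_dac_override cap_net_admin cap_net_raw"   # capabilities set above

# check_caps LINE: succeed if a getcap output line carries every capability in
# $WANT with the e, i and p flags. Both getcap output formats are accepted:
#   "/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip"  (older libcap)
#   "/usr/bin/dumpcap cap_net_admin,cap_net_raw=eip"    (newer libcap)
check_caps() {
    spec=${1##* }            # last field: "<caps>+eip" or "<caps>=eip"
    flags=${spec##*[+=]}
    caps=${spec%[+=]*}
    [ "$flags" != "$spec" ] || return 1          # no flag separator at all
    for f in e i p; do
        case $flags in *"$f"*) ;; *) return 1 ;; esac
    done
    for c in $WANT; do
        case ",$caps," in *",$c,"*) ;; *) return 1 ;; esac
    done
    return 0
}

# check_access MODE GROUP: succeed only if the file's group is "wireshark" and
# "other" has no execute bit (assumed layout: root:wireshark, mode 750).
# A world-executable dumpcap would hand the capabilities to every local user.
check_access() {
    [ "$2" = "wireshark" ] || return 1
    case $1 in ''|*[1357]) return 1 ;; esac      # odd last digit = o+x
    return 0
}

audit() {
    [ "$(id -u)" -ne 0 ] || { echo "running as root"; return 1; }
    id -nG | tr ' ' '\n' | grep -qx wireshark \
        || { echo "user is not in group wireshark"; return 1; }
    check_caps "$(getcap "$DUMPCAP")" \
        || { echo "expected capabilities missing on $DUMPCAP"; return 1; }
    check_access "$(stat -c %a "$DUMPCAP")" "$(stat -c %G "$DUMPCAP")" \
        || { echo "$DUMPCAP is not limited to group wireshark"; return 1; }
    echo "non-root capture setup OK"
}

# Run the audit only on a machine where dumpcap is installed.
if [ -e "$DUMPCAP" ]; then audit || echo "audit failed"; fi
```

If the group check fails right after running gpasswd, log out and back in, since group membership is read at login.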

Usage

The Wireshark User’s Guide and learning material are available at https://wireshark.org.