4 Replies Latest reply on Jul 23, 2019 6:07 AM by jlenag

    Wireshark 3.0

    jlenag Novice

      Has anyone tried to package Wireshark 3.0 with NPCAP?  Our network guys wanted us to upgrade from 2.x tree to this, but I can't get it to see any interfaces no matter what I try.  I've tried from our capture machine, but attempting to reboot during provisioning (which the install asks for) just results in a BSOD.  Same if I try to capture from our master image.  If I package without reboot, the software runs, but no interfaces can be seen.

       

      Only time I've seen this work is a base install on the mstr image not during provisioning, and only then after a successful reboot.   Anyone have any ideas?

       

      Horizon 7.6

      AV 2.15

        • 1. Re: Wireshark 3.0
          MDawgVM Lurker

          The way I handled it here was to use WinPcap.  Install it first and then Wireshark. Npcap won't work when doing a provision to an appstack. I tested this out with Wireshark 2.6.3 and Wireshark 3.0.2 and both had the same problem.  Both worked fine with WinPcap though. I know it's old and outdated software, but it handles everything properly.  It will also work with NMap if you're using that. Just deselect the Npcap install option and make sure WinPcap is installed first.

          • 2. Re: Wireshark 3.0
            jlenag Novice

            Thanks for the info on NPCAP.  I was slowly coming to that conclusion myself.  Unfortunately though, I cannot get Wireshark 3.0 to see any interfaces no matter what I try.  I got it to work on the capture machine during provisioning, but then when i attach the appstack to a desktop it goes blank.  At this point our network guys say it's not a big deal, so we're going to wait a couple version and try again later.

             

            Thanks for the help!

            • 3. Re: Wireshark 3.0
              jmatz135 Hot Shot

              Launch wireshark as administrator from the VDI desktop and see if that works. I haven't tried 3.0 yet, but in 2.x I've had to do that.

              • 4. Re: Wireshark 3.0
                jlenag Novice

                We had privilege elevation set up for 2.0 as well.  I brought all those settings over when we tried 3.0 but it still didn't make a difference.