wireshark client issue: unrecognized libcap format or not libcap data

[bluephoenix71]

Hi all,

The issue only happens when I stop Wireshark from capturing the nodes inside EVE and then start it again. If I just click capture and choose the interface, there is no problem all traffic is captured. If I decided to stop it and start it again the error message window appears.


Please let me know what outputs you need from me to further analyze it.? I have already installed, re-installed the windows client several times and still the issue persists.


Thanks,

[ecze]

watch carefully how-to video

http://www.eve-ng.net/index.php/documen ... or-windows

You miss the step where you need to set user / password for wireshark_wrapper.bat script

E.

[bluephoenix71]

Hi,

I checked the video however, there is no portion where the wireshark password was changed. Could you indicate what minute and seconds so I can pinpoint it? the video is 8:12 long and when I go to 3:59, the next step is testing telnet, vnc and wireshark. The wireshark worked the first time and after that no mention on changing passwords in wireshark wrapper bat file up to the end of the video.

I went to this site
http://www.eve-ng.net/index.php/faq

This is my bat file under C:\Program Files\EVE-NG\

Code: Select all

@ECHO OFF
SET USERNAME="root"
SET PASSWORD="eve"

SET S=%1
SET S=%S:capture://=%
FOR /f "tokens=1,2 delims=/ " %%a IN ("%S%") DO SET HOST=%%a&SET INT=%%b
IF "%INT%" == "pnet0" SET FILTER=" not port 22"

ECHO "Connecting to %USERNAME%@%HOST%..."

"C:\Program Files\EVE-NG\plink.exe" -ssh -pw %PASSWORD% %USERNAME%@%HOST% "tcpdump -U -i %INT% -s 0 -w -%FILTER%" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -

Can you point out what password am I supposed to be using?

Thanks,

[ecze]

Stop / Start capture is not supported

You have to close wireshark and click again on capture on EVE UI

E.

[bluephoenix71]

Ok thanks for clarifying that.