Wireshark-users: [Wireshark-users] I am unable to stop an active capture
From: Leon Goldman <leon244@xxxxxxxxxxx>
Date: Mon, 24 Nov 2014 17:19:15 -0500
I recently installed wireshark on my linux system. I run Mageia3

I followed the guidance at http://wiki.wireshark.org/CaptureSetup/CapturePrivileges, but following the directions under "Setting network privileges for dumpcap" or "Limiting capture permission to only on group" did not allow wireshark to be run as a user. It does run as root and cannot be stopped without killing the app.

I setuid on dumpcap to run wireshark gui as a user and that works, but after I begin a capture I am unable to stop it with the 'Stop' button or by doing Ctrl-E. I have to go in and kill the pid.

wireshark -v shows:

wireshark 1.10.11 (Git Rev Unknown from unknown)

Compiled (64-bit) with GTK+ 3.6.4, with Cairo 1.12.12, with Pango 1.32.5, with
GLib 2.34.3, with libpcap, with libz 1.2.7, with POSIX capabilities (Linux),
with libnl 3, with SMI 0.4.8, without c-ares, without ADNS, with Lua 5.1,
without Python, with GnuTLS 3.1.16, with Gcrypt 1.5.4, with MIT Kerberos, with
GeoIP, with PortAudio V19-devel (built Jan 13 2013), without AirPcap.

Running on Linux 3.10.60-desktop-1.mga3, with locale en_US.UTF-8, with libpcap
version 1.3.0, with libz 1.2.7, GnuTLS 3.1.16, Gcrypt 1.5.4.
Intel(R) Core(TM) i7 CPU         950  @ 3.07GHz

Built using gcc 4.7.2.

Advice on how to stop an active capture without resorting to the kill command would be most appreciated.
Thank you.
--
Leon