If you wish to use the free and open-source (FOSS) network packet analyzer Wireshark on a CentOS Linux system, e.g., CentOS 7, you can install the command line interface (CLI) version of the software, TShark, with yum install wireshark.
$ rpm -qi wireshark
Name        : wireshark
Version     : 1.10.14
Release     : 10.el7
Architecture: x86_64
Install Date: Sun 30 Apr 2017 12:38:01 PM EDT
Group       : Applications/Internet
Size        : 70087549
License     : GPL+
Signature   : RSA/SHA256, Sun 20 Nov 2016 04:00:09 PM EST, Key ID 24c6a8a7f4a80eb5
Source RPM  : wireshark-1.10.14-10.el7.src.rpm
Build Date  : Sat 05 Nov 2016 09:32:46 PM EDT
Build Host  : worker1.bsys.centos.org
Relocations : (not relocatable)
Packager    : CentOS BuildSystem <http://bugs.centos.org>
Vendor      : CentOS
URL         : http://www.wireshark.org/
Summary     : Network traffic analyzer
Description :
Wireshark is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.
$ which tshark
/usr/sbin/tshark
$
But if you wish to use the graphical user interface (GUI) version, you need to install the wireshark-gnome package. You can install it with yum install wireshark-gnome. After you install it, the Wireshark application will be at /usr/sbin/wireshark. Or you can start it from the GNOME desktop interface by clicking Applications, then Internet, then Wireshark Network Analyzer.
$ rpm -qi wireshark-gnome
Name        : wireshark-gnome
Version     : 1.10.14
Release     : 10.el7
Architecture: x86_64
Install Date: Sun 30 Apr 2017 01:04:06 PM EDT
Group       : Applications/Internet
Size        : 2516569
License     : GPL+
Signature   : RSA/SHA256, Sun 20 Nov 2016 04:00:25 PM EST, Key ID 24c6a8a7f4a80eb5
Source RPM  : wireshark-1.10.14-10.el7.src.rpm
Build Date  : Sat 05 Nov 2016 09:32:46 PM EDT
Build Host  : worker1.bsys.centos.org
Relocations : (not relocatable)
Packager    : CentOS BuildSystem <http://bugs.centos.org>
Vendor      : CentOS
URL         : http://www.wireshark.org/
Summary     : Gnome desktop integration for wireshark
Description :
Contains wireshark for Gnome 3 and desktop integration file
$ which wireshark
/usr/sbin/wireshark
$
If you have a pcap file of data captured with tcpdump or captured on another system with Wireshark, you can click on File and select Open.
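The rpm -qi output shown above includes a Signature line carrying the signing key ID. The shell functions below are an added example, not part of the original article, that extract that key ID and compare it with the one you expect, so an unsigned or differently signed package stands out. The function names sig_keyid and check_signature are hypothetical, and the unsigned sample is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): compare the signing key ID in
# `rpm -qi` output with the key ID you expect. Function names are hypothetical.

# Key ID taken from the Signature line of the rpm -qi output on this page.
EXPECTED_KEYID="24c6a8a7f4a80eb5"

# Print the lowercase key ID found on the Signature line of `rpm -qi` output
# read from stdin, or "none" when the line is absent or has no key ID
# (rpm prints "Signature   : (none)" for an unsigned package).
sig_keyid() {
    awk '
        /^Signature *:/ {
            if (match($0, /Key ID [0-9A-Fa-f]+/)) {
                print tolower(substr($0, RSTART + 7, RLENGTH - 7))
                found = 1
            }
            exit
        }
        END { if (!found) print "none" }
    '
}

# Read `rpm -qi` output on stdin; $1 is the expected key ID.
# Returns 0 on match, 1 on a different key, 2 when unsigned.
check_signature() {
    expected=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    actual=$(sig_keyid)
    case "$actual" in
        none)        echo "UNSIGNED"; return 2 ;;
        "$expected") echo "OK $actual"; return 0 ;;
        *)           echo "MISMATCH $actual"; return 1 ;;
    esac
}

# Sample input: the signed sample uses lines from the rpm -qi output above;
# the unsigned variant is constructed for illustration.
SIGNED_SAMPLE='Name        : wireshark
Version     : 1.10.14
Signature   : RSA/SHA256, Sun 20 Nov 2016 04:00:09 PM EST, Key ID 24c6a8a7f4a80eb5'
UNSIGNED_SAMPLE='Name        : wireshark
Signature   : (none)'

printf '%s\n' "$SIGNED_SAMPLE"   | check_signature "$EXPECTED_KEYID"
printf '%s\n' "$UNSIGNED_SAMPLE" | check_signature "$EXPECTED_KEYID" || true

# On a real system: rpm -qi wireshark-gnome | check_signature "$EXPECTED_KEYID"
```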