Diffstat (limited to '')
-rw-r--r-- | doc/faq.adoc (renamed from docbook/faq.adoc) | 41 |
1 files changed, 19 insertions, 22 deletions
diff --git a/docbook/faq.adoc b/doc/faq.adoc index 43cfa207..9173e615 100644 --- a/docbook/faq.adoc +++ b/doc/faq.adoc @@ -1,7 +1,7 @@ include::attributes.adoc[] :stylesheet: ws.css :linkcss: -:copycss: {stylesheet} +:copycss: {css_dir}/{stylesheet} :toc: = Wireshark Frequently Asked Questions @@ -35,11 +35,8 @@ https://www.wireshark.org/about.html[About Wireshark] page. [#wheretogethelp] === Where can I get help? -Community support is available on the -https://ask.wireshark.org/[Q&A site] -and on the wireshark-users mailing list. -Subscription information and archives for all of Wireshark's mailing lists can be found at -https://www.wireshark.org/mailman/listinfo[https://www.wireshark.org/mailman/listinfo]. +Community support is available on the https://ask.wireshark.org/[Q&A site] and on the wireshark-users mailing list. +Subscription information and archives for all of Wireshark's mailing lists can be found at https://lists.wireshark.org/. // An IRC channel dedicated to Wireshark can be found at // irc://irc.freenode.net/wireshark[irc://irc.freenode.net/wireshark]. 
@@ -121,14 +118,14 @@ Wireshark as a DLL, you're probably doing it wrong. // While we try to make sure that Wireshark is as easy as possible to obtain and use, please keep in mind that it’s developed by a team of volunteers and that filling out compliance forms is pretty far beyond the scope of what those volunteers do. -Please contact the https://sharkfestfoundation.org[Wireshark Foundation] and they will be able to help you for a nominal fee. +Please contact the https://wiresharkfoundation.org[Wireshark Foundation] and they will be able to help you for a nominal fee. === Can you sign this legal agreement so that I can use Wireshark? // As with the previous question, Wireshark is developed by a team of volunteers. // Even if they were inclined to do so, they aren’t authorized to sign agreements on behalf of the project. -Please contact the https://sharkfestfoundation.org[Wireshark Foundation] and they will be able to help you for a somewhat less nominal fee. +Please contact the https://wiresharkfoundation.org[Wireshark Foundation] and they will be able to help you for a somewhat less nominal fee. === What protocols are currently supported? @@ -177,7 +174,7 @@ Wireshark to do so), ATM connections (if the OS on which it's running allows Wireshark to do so), and the "any" device supported on Linux by recent versions of libpcap. -See https://gitlab.com/wireshark/wireshark/-/wikis/CaptureSetup/NetworkMedia[the list of +See {wireshark-wiki-url}CaptureSetup/NetworkMedia[the list of supported capture media on various OSes] for details (several items in there say "Unknown", which doesn't mean "Wireshark can't capture on them", it means "we don't know whether it can capture on them"; we 
@@ -250,9 +247,9 @@ those network types. Each major release branch of Wireshark supports the versions of Windows that are within their product lifecycle at the time of the “.0” release for that branch. For example, Wireshark 3.2.0 was released in December 2019, shortly before Windows 7 reached the end of its extended support in January 2020. As a result, each of the Wireshark 3.2._x_ releases supports Windows 7, even after January 2020. See the -link:https://www.wireshark.org/docs/wsug_html_chunked/ChIntroPlatforms.html[Microsoft Windows section of the User’s Guide] +link:{wireshark-users-guide-url}ChIntroPlatforms.html[Microsoft Windows section of the User’s Guide] and the -link:https://gitlab.com/wireshark/wireshark/-/wikis/Development/LifeCycle[End Of Life Planning section of the Release Life Cycle wiki page] +link:{wireshark-wiki-url}Development/LifeCycle[End Of Life Planning section of the Release Life Cycle wiki page] for more details. Npcap might not work well on Windows 8 and earlier, so you might want to install WinPcap instead. @@ -328,8 +325,8 @@ Some switches have the ability to replicate all traffic on all ports to a single port so that you can plug your analyzer into that single port to sniff all traffic. You would have to check the documentation for the switch to see if this is possible and, if so, to see how to do this. See -https://gitlab.com/wireshark/wireshark/-/wikis/SwitchReference[the switch reference page] on -https://gitlab.com/wireshark/wireshark/-/wikis[the Wireshark Wiki] for information on some +{wireshark-wiki-url}SwitchReference[the switch reference page] on +{wireshark-wiki-url}[the Wireshark Wiki] for information on some switches. (Note that it's a Wiki, so you can update or fix that information, or add additional information on those switches or information on new switches, yourself.) 
@@ -555,7 +552,7 @@ various higher-level protocol implementations. In order to see the raw Ethernet packets, rather than "de-VLANized" packets, you would have to capture not on the virtual interface for the VLAN, but on the interface corresponding to the physical network device, -if possible. See https://gitlab.com/wireshark/wireshark/-/wikis/CaptureSetup/VLAN[the +if possible. See {wireshark-wiki-url}CaptureSetup/VLAN[the Wireshark Wiki item on VLAN capturing] for details. === Why does Wireshark hang after I stop a capture? @@ -668,7 +665,7 @@ that name in the "Interface:" field and capturing on that device. If the attempt to capture on it succeeds, the interface is somehow not being reported by the mechanism Wireshark uses to get a list of interfaces. Try listing the interfaces with WinDump; see -https://www.windump.org/[the WinDump Web site] for information on using +https://www.winpcap.org/windump/[the WinDump Web site] for information on using WinDump. You would run WinDump with the `-D` flag; if it lists the interface, @@ -693,7 +690,7 @@ If not, then see {npcap-main-url}[the main Npcap page] - check the "Patches, Bug If you are having trouble capturing on a particular network interface, first try capturing on that device with WinDump; see -https://www.windump.org/[the WinDump Web site] for information on using +https://www.winpcap.org/windump/[the WinDump Web site] for information on using WinDump. If you can capture on the interface with WinDump, send mail to 
@@ -795,7 +792,7 @@ need to give your account sufficient privileges to capture packets. Only those interfaces that Wireshark can open for capturing show up in that list; if you don't have sufficient privileges to capture on any interfaces, no interfaces will show up in the list. See -https://gitlab.com/wireshark/wireshark/-/wikis/CaptureSetup/CapturePrivileges[the Wireshark +{wireshark-wiki-url}CaptureSetup/CapturePrivileges[the Wireshark Wiki item on capture privileges] for details on how to give a particular account or account group capture privileges on platforms where that can be done. @@ -804,7 +801,7 @@ If you are running Wireshark from an account with sufficient privileges, then note that Wireshark relies on the libpcap library, and on the facilities that come with the OS on which it's running in order to do captures. On some OSes, those facilities aren't present by -default; see https://gitlab.com/wireshark/wireshark/-/wikis/CaptureSetup/CaptureSupport[the +default; see {wireshark-wiki-url}CaptureSetup/CaptureSupport[the Wireshark Wiki item on adding capture support] for details. And, even if you're running with an account that has sufficient @@ -927,7 +924,7 @@ display IP addresses as host names, it will probably block for a long time trying to resolve the name because it will not be able to communicate with any DNS or NIS servers. -See https://gitlab.com/wireshark/wireshark/-/wikis/CaptureSetup/WLAN[the Wireshark Wiki +See {wireshark-wiki-url}CaptureSetup/WLAN[the Wireshark Wiki item on 802.11 capturing] for details. === How do I capture on an 802.11 device in monitor mode? 
@@ -976,7 +973,7 @@ preferences file by adding a `tcp.check_checksum:false` line. === I've just installed Wireshark, and the traffic on my local LAN is boring. Where can I find more interesting captures? We have a collection of strange and exotic sample capture files at -https://gitlab.com/wireshark/wireshark/-/wikis/SampleCaptures[https://gitlab.com/wireshark/wireshark/-/wikis/SampleCaptures] +{wireshark-wiki-url}SampleCaptures[{wireshark-wiki-url}SampleCaptures] === Why doesn't Wireshark correctly identify RTP packets? It shows them only as UDP. @@ -1048,8 +1045,8 @@ supported on your system. For some viruses/worms there might be a capture filter to recognize the virus traffic. Check the -https://gitlab.com/wireshark/wireshark/-/wikis/CaptureFilters[CaptureFilters] page on the -https://gitlab.com/wireshark/wireshark/-/wikis[Wireshark Wiki] to see if anybody's added +{wireshark-wiki-url}CaptureFilters[CaptureFilters] page on the +{wireshark-wiki-url}[Wireshark Wiki] to see if anybody's added such a filter. Note that Wireshark was not designed to be an intrusion detection |
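Review bot: In the first hunk (@@ -1,7 +1,7), `:copycss: {css_dir}/{stylesheet}` depends on a `css_dir` attribute that none of the visible lines define. The file also moves from docbook/ to doc/ while the diffstat lists only one changed file, so the relative `include::attributes.adoc[]` now has to resolve inside doc/. Please confirm that `css_dir` is set there or by the build, and note in the commit message where it comes from, so a standalone render of faq.adoc does not end up with an unresolved stylesheet path.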
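Review bot: In the hunk at @@ -121,14 +118,14, the corrected `https://wiresharkfoundation.org` is still written out literally in both answers, which is how the old domain came to need fixing in two places. Since the rest of this change moves repeated URLs into attributes, consider defining one for the Foundation site as well (the name is up to you, for example `wireshark-foundation-url`) and referencing it from both lines.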
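Review bot: In the two WinDump hunks (@@ -668,7 +665,7 and @@ -693,7 +690,7), `https://www.winpcap.org/windump/` is pasted twice as a literal, while the context line just above the second one already uses `{npcap-main-url}`. An attribute for the WinDump page would keep the two references in step the next time the site moves.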
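Review bot: In the hunk at @@ -976,7 +973,7 (and every other wiki link in this patch), the page name is appended directly to the attribute, as in `{wireshark-wiki-url}SampleCaptures`, so the links only resolve if the attribute value ends in `/`. That definition is outside this commit, so it is worth a comment next to it stating the trailing-slash requirement, and the same applies to `{wireshark-users-guide-url}ChIntroPlatforms.html`. On this line the target is also repeated as its own link text; writing it once would be easier to maintain if the rendered output is the same.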