Using Wireshark With UniFi Access Points for Real Time Packet Capture

Commands used in video:

Connect to Access Point and filter for only VLAN tag 100
wireshark -k -i <(ssh thomas@192.168.3.41 -p 22 tcpdump -i br0.100 -U -w - )

Connect to Access Point and filter for only VLAN tag 69
wireshark -k -i <(ssh thomas@192.168.3.41 -p 22 tcpdump -i br0.69 -U -w - )

Connect to Access Point and filter out source connection address
wireshark -k -i <(ssh thomas@192.168.1.187 -p 22 tcpdump -i br0 host not 192.168.69.2 -U -w - )

How to make sure you can run Wireshark from your user:
sudo dpkg-reconfigure wireshark-common
Choose yes to allow non-superusers to capture packets

Allow user to run dumpcap
sudo chmod +x /usr/bin/dumpcap

3 Likes
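
An added example, not part of the original post: a small POSIX sh wrapper around the same ssh/tcpdump/Wireshark pipeline that validates the VLAN ID and the excluded address before anything is passed to the access point's shell. The function names are hypothetical; the br0.<vlan> interface naming and the tcpdump flags follow the commands above.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the tcpdump command to run on the AP.
#   $1  VLAN ID 1-4094, or empty for the untagged bridge br0
#   $2  IPv4 address to exclude (e.g. the capturing workstation), or empty
build_remote_cmd() {
    vlan=$1 exclude=$2 iface=br0
    if [ -n "$vlan" ]; then
        # Digits only, no leading zero, at most 4 digits: nothing else may
        # reach the AP's shell through the ssh command line.
        case $vlan in *[!0-9]*|0*|?????*)
            echo "invalid VLAN ID: $vlan" >&2; return 1 ;;
        esac
        [ "$vlan" -le 4094 ] || { echo "VLAN ID out of range: $vlan" >&2; return 1; }
        iface=br0.$vlan
    fi
    # -U flushes each packet as it is captured, -w - writes pcap to stdout.
    cmd="tcpdump -i $iface -U -w -"
    if [ -n "$exclude" ]; then
        valid_ipv4 "$exclude" || { echo "invalid IPv4 address: $exclude" >&2; return 1; }
        # Quoted so the AP's shell passes the filter to tcpdump as one argument.
        cmd="$cmd 'not host $exclude'"
    fi
    printf '%s\n' "$cmd"
}

# Stream the capture into a local Wireshark; the pipe with "-i -" is the
# POSIX-sh equivalent of the <( ... ) process substitution in the post.
capture() {  # usage: capture user@ap-address [vlan] [exclude-ip]
    remote=$(build_remote_cmd "$2" "$3") || return 1
    ssh "$1" "$remote" | wireshark -k -i -
}

# Example: capture thomas@192.168.3.41 100
```
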

I am stuck from the word Wireshark. No seriously permission denied running the Unifi_Wireshark.sh and when I try sudo dpkg-reconfigure wireshark-common I get -
-ash: dpkg-reconfigure: not found

I have tried two waps, both nano-hd, one running 4.3.21, the other 4.0.54 and they both have the same problem. Where can I find some hints to overcome this?

I am having a horrible time getting any nano-hd with firmware higher than 4.0.54 to work with any of our 175 Honeywell thermostats. Any firmware over 4.0.54 and the thermostats constantly request an IP and the DHCP server Offers but it either isn’t getting back out of the nano-hd or the thermostat doesn’t find the packet acceptable. Being able to do Wireshark through the WAP would be an enormous help, but definitely beyond my skillset at the moment. My Linux is wanting…