Wireshark Wiki

This is the wiki site for the Wireshark network protocol analyzer. If you would like permission to edit this wiki, please see the editing instructions page (tl;dr: send us a note with your GitLab account name or request access to the Wiki Editor group using the Gitlab feature).

General

HowToEdit: Information about how to edit the Wireshark wiki
SampleCaptures: Sample capture files for your edification and amusement
NetworkTroubleshooting: Information about tracking down network problems

Prepare Wireshark / TShark

BuildingAndInstalling: Building and Installing Wireshark (Developer’s Guide) (archived BuildingAndInstalling)
CaptureSetup: How to setup your network to successfully capture packets
CaptureSetup/Ethernet: Discusses capturing on switched Ethernet networks
CaptureSetup/WLAN: Frequently asked WLAN capture setup info

Use Wireshark / TShark

Things not (yet) part of the Wireshark User's Guide.

CaptureFilters: A collection of capture filter examples
DisplayFilters: A collection of display filter examples
ColoringRules: A collection of coloring rules examples
HowTo: How to do various things with Wireshark and Tshark
Preferences: Preference settings controlling the behaviour of Wireshark and TShark
Statistics: Statistics range from general capture file information to protocol specific statistics
Security: how to use Wireshark as securely as possible
Performance: how to "fine tune" Wireshark's performance
Timestamps: Accuracy, precision, and resolution
Tools: tools and scripts that relate to the use of Wireshark and TShark

References

ProtocolReference: Reference for network protocols
PortReference: TCP/UDP Port number reference
Display Filter Reference: comprehensive list of all valid display filter fields
FileFormatReference: Wireshark's read/write support of (foreign) capture file formats
SwitchReference: Notes on using particular switch models for capture
HubReference: Notes on using particular hub models for capture

Miscellaneous