While I'm working on a problem, I wanted a compromise between the command prompt where I can start capturing immediately and the convienance of the GUI.
So here it is; a shortcut (WINDOWS ONLY) that will immediately start Wiresahark and capture when you open it.
The process is pretty simple;
- Go to your command prompt and to the progam files\wireshark directory. Type tshark -D and note which interface you want to capture from. In my case, I want to capture from my docking station which shows up as " USB2.0 to Fast Ethernet Adapter". Highlight the text with the \Device stuff.
- Either create a new Wireshark ICON, or copy an existing one. In the Target dialogue box, add -i and paste the "\Device..." -k to the right of the Wireshark.exe . Make sure you add double qoutes around the \Device info. You can also use the Interface number to the left of the interface. For example, I could have used 7. The problem with the interface number is that if I install new NIC driver, the numbers will get all out of whack, where the Device info will always remain the same.
- Rename your icon to something more accurate.
Now when I double click this icon, Wireshark will launch and start capturing from my Docking station Ethernet Port.