How to capture network traffics in Wireshark | Lesson 2


The is the second lesson in Wireshark, If you didn’t read the first lesson please [Click here] to read.

Below is the video format of the post, check it out. In this post, we will be seeing how to capture traffics in Wireshark.

Wireshark Lesson 1 [Click here]

Wireshark Lesson 2 [Click here]

Wireshark Lesson 3 [Click here]

Wireshark Lesson 4 [Click here]

Wireshark Lesson 5 [Click here]


Wireshark Lesson 2 How to capture network traffics

Just follow the below sub-items and I am sure you are going to master the Wireshark tool. If you have any doubt comment down below or watch the video I made.

Installing capture driver

In order to capture traffics, Wireshark needs a capture driver. In simple words, Wireshark is a packet analyzer, but it can’t capture the packets without drivers.

To know which packet capture driver you are using, Just go to Help > Click About Wireshark


The capture interface

You will be seeing the capture interface as soon as you open Wireshark. If you didn’t see anything captured then make sure you run as administrator

Configure capture options

To configure the capture interface go to capture option > Click manage interface

You can see at the capture interface there are many networks to configure that we are going to manage the interface.

As soon as you click manage interface you can see the below window.

You can now unwanted networks, For eg, I don’t need the local area connection so, I will just uncheck them and click ok and then you will not see the local area connection network.

Make sure your capture interface is clean when you work.


You can see I have removed local area connection networks.

Promiscous mode

The promiscuous mode allows all the traffics and to learn what exactly is promiscuous mode [Click here]

You can enable the promiscuous mode in the capture option

Configure long term filter

When you are working in Wireshark you will be capturing tons of packets that may exceed your hardware limit, To reduce it let’s do some configuration.

I prefer 250 MB is great if it is more than 250 MB then your Wireshark will take a lot of time to load it. So, the max packets to capture at one time is 250 MB. You can go beyond 250MB but it is going to take a long time to load.

Now, You can set the capture limits at the capture option > output

The first thing we are doing is clicking the output menu and choosing the file where you wanna save the packets.

The second choose the output format as pcappng or pcap.

Then, the third step is to click on create a new file automatically and choose the 500 MB and check it.

In the fourth step choose how the file is to be saved, it can be in a normal file or compressed file. I prefer the compressed file gzip.

Don’t skip the fifth step because if you didn’t check it then your hardware is going to fill up with lots of data.

So, Check the ring buffer and choose how many files to be store. For eg, if you want five files to be stored and the ring buffer will stop the capture once the five files are captured.

At last you can start the capture.

I know it is a little complicated to learn in blogposts that is why I made a YT video on Wireshark. Check it out.



In this post, we have seen how to configure the capture interface and seen how to set our environment in Wireshark.

At last, we have seen how to capture the packets.

There is a Lesson 3 in Wireshark, to read it [Clickhere]

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top