Just started to learn Wireshark. I learnt how to capture packets from my system to any other to which it sends the packets.
What if I want to track all the packets flowing through my router, as if I am running the Wireshark on my router?
And is it possible to capture packets from other systems connected to a network?
答案1
You need to channel the traffic through your network interface. There are more ways to achieve this, depending on which physical interface you are using (WiFi, Ethernet, PPP...). Please read this section.
答案2
What if I want to track all the packets flowing through my router, as if I am running the Wireshark on my router?
Wireshark can capture traffic from the network interfaces of the host where it runs.
If you want to monitor traffic that is not passing thru the host where it runs, then this traffic should be routed to the host.
Some models of network switches and routers have "port mirroring" function that allows one to copy some traffic passing via the device to one of the available ports. By enabling this option and connecting your host to this port you will be able to use Wireshark to capture the traffic, because it will be arriving to the network interface of the host and therefore will be accessible by Wireshark.