As mentioned in this post, you can create and share custom profiles. However, that is not the extent of profile management. Another great way to utilize these files is to synchronize Wireshark profiles between systems. In this day and age you probably have more than one computer (laptop, VM, home desktop??). Also, if you’re like me you probably have Wireshark installed on anything you can get your hands on! It can be a bit of a pain to keep your favorite Wireshark settings such as protocol options, coloring rules, and saved display filters up to date with each Wireshark installation. Using Dropbox (or a similar service) you can easily keep your Wireshark profiles in sync on all computers. All that is required is another quick and easy modification and a shared storage location; whether it be a local storage drive or cloud storage. The pertinent folders are shared in the previously linked post as well as in the Wireshark documentation. The two methods I have used for syncing files are outlined below.

Method 1

Use the “-P” parameter

Start Wireshark with the “-P persconf:path” parameter from the command line or shortcut. This allows you to specify your personal configuration directory. For example, if your Wireshark OneDrive directory is at C:\Users\UserName\OneDrive\WiresharkSettings then you would use this command:

wireshark -P persconf:C:\Users\UserName\OneDrive\WiresharkSettings

This is an easy way to synchronize your files, but I found this method wasn’t always consistent and it didn’t work as well from my start bar shortcut. Also, since we’re just linking the plugins and profiles folders in the Personal Configuration folder, this will only include the profiles and plugins, not the ‘recent’ saved settings such as recently opened files, capture filters, display filters, viewing options, etc.. I find it particularly helpful to have all of those recent items synced but had issues with Windows trying to overwrite them. If you’d rather have everything sync (and deal with those issues), just make a symlink to the entire .wireshark or Wireshark folders as detailed in Method 2.

Method 2

Use Symbolic Links

Symbolic links are similar to shortcuts at a high level. They allow you to link to a different location from your current directory. If that link is broken the actual file location continues to exist, unaffected. While this does require modification at the file structure level it doesn’t require any changes to Wireshark itself. This is a bit more difficult than Method 1, but not anything a typical system admin can’t handle. Here is the process:

Copy the Files

Create the Links

Create the symlink so Wireshark looks at the Dropbox folder instead of the local settings folder. With Wireshark closed, run the following commands using the folder path of your shared Wireshark settings folder (if different than mine).

On Linux or OS X:

<

p style=”padding-left: 30px;”>`# Backup local settings
$ mv .wireshark/profiles .wireshark/profiles.OLD
$ mv .wireshark/plugins .wireshark/plugins.OLD

Create the Symbolic links to the Dropbox folder

$ ln -s ~/Dropbox/WiresharkSettings/plugins ./.wireshark/plugins
$ ln -s ~/Dropbox/WiresharkSettings/profiles ./.wireshark/profiles`

On Windows (run in command line):

<

p style=”padding-left: 30px;”>`# Backup local settings

move %APPDATA%\Wireshark\plugins %APPDATA%\Wireshark\plugins.OLD
move %APPDATA%\Wireshark\profiles %APPDATA%\Wireshark\profiles.OLD

Create the Symbolic links to the Dropbox folder

mklink /D %APPDATA%\Wireshark\plugins "%USERPROFILE%\Dropbox\WiresharkSettings\plugins"
mklink /D %APPDATA%\Wireshark\profiles "%USERPROFILE%\Dropbox\WiresharkSettings\profiles"`

Note: quotation marks are only required if your folder name has a space in it.

Now, when you open Wireshark you should see that your settings and profiles are still there. Not much has changed yet, but the magic happens when you create the links on an additional computer. Happy capturing and I hope this helps someone else as it has me.