Tuesday, November 12, 2013

Getting wireshark going on Snow Leopard


Step 1
Download Wireshark from here. Mount the .dmg file.
Step 2
Drag the Wireshark application icon to the handy dandy Applications alias the fine developers at Wireshark provided for you in that disk image. Then, open up the Utilities folder in the disk image, and drag the ChmodBPF folder into the StartupItems alias sitting below it. After that, open up a new Finder window and navigate to /usr/local/bin. Open up the Command Line folder in the disk image (under /Utilities) and drag those contents over to /usr/local/bin. You’ll probably have to authenticate at that point, so do so.
Step 3
Open up a terminal window and type in the following commands:
cd /Library/StartupItems
sudo chown -R root:wheel ChmodBPF

sudo will probably prompt you for your password. Enter it. Then exit Terminal.
Step 4
Go to Applications and click on Wireshark. When the application opens you’ll probably see another window open up along with it containing a bunch of errors. Close that window. Next, select Edit then Preferences from the Wireshark application window. Select Name Resolution, and click the Edit button next to “SMI (MIB and PIB) paths”. Click the New button, and enter /usr/share/snmp/mibs/ in the little Directory Path popup window. Click Apply, and then Close.
Step 5
Exit Wireshark and reboot.
All should be well in network protocol analyzer-ville.
Editor’s note: special thanks to Nick Kleinschmidt and Dan Hale for helping out here.
UPDATE: Please note that these instructions applied to Wireshark Version 1.2.2 (SVN Rev 29910), and several comments have suggested that newer versions of Wireshark may no longer support libSMI. For this issue I can only suggest checking the Wireshark user guide and/or the wiki.
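A check you can run after Step 3, added here as an example and not part of the original instructions or of Wireshark: it confirms that everything under the ChmodBPF startup item is owned by root:wheel and is not writable by group or others, which matters because startup items run as root at boot. The function names `list_insecure` and `check_startup_item` are made up for this example.

```shell
#!/bin/sh
# Added example: audit a StartupItems bundle after the chown in Step 3.

# list_insecure DIR OWNER GROUP
# Prints every entry under DIR (symlinks skipped) that is not owned by
# OWNER:GROUP or that is writable by group or others.
list_insecure() {
    dir=$1 owner=$2 group=$3
    find "$dir" ! -type l \( ! -user "$owner" -o ! -group "$group" \
        -o -perm -020 -o -perm -002 \) -print
}

# check_startup_item DIR [OWNER] [GROUP]   (defaults: root, wheel)
# Returns 0 when DIR exists and nothing under it is flagged, 1 otherwise.
check_startup_item() {
    dir=$1 owner=${2:-root} group=${3:-wheel}
    if [ ! -d "$dir" ]; then
        echo "missing: $dir" >&2
        return 1
    fi
    bad=$(list_insecure "$dir" "$owner" "$group")
    if [ -n "$bad" ]; then
        echo "insecure entries (expected $owner:$group, no g/o write):" >&2
        echo "$bad" >&2
        return 1
    fi
    echo "ok: $dir"
}

# Run the audit only where the startup item is actually installed.
if [ -d /Library/StartupItems/ChmodBPF ]; then
    check_startup_item /Library/StartupItems/ChmodBPF
    # ChmodBPF adjusts the BPF device permissions at boot; show the result.
    ls -l /dev/bpf* 2>/dev/null
fi
```

If the check lists any paths, repeat the chown from Step 3 and remove group/other write permission from those entries before rebooting.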
