The University of Adelaide Home | Faculties & Divisions | Search
spacer
School of Computer Science The University of Adelaide Australia
Computer Science Home
About the School
News
Current Students
Future Students
International Students
Business & Industry
Visitors
Staff
Programs
Courses
Research
Facilities
Seminars
Occupational Health & Safety
Staff Only
text zoom: S | M | L

School of Computer Science
Plaza Building
THE UNIVERSITY OF ADELAIDE
SA 5005
AUSTRALIA
Email

Telephone: +61 8 8303 5586
Facsimile: +61 8 8303 4366

You are here: Computer Science > Staff > cheryl > MANET

How to set up/run wireshark on Mac OS X

  1. Go to www.wireshark.org and download the latest stable version.
  2. Follow the instructions in the Read me first.rtf file.

    Some notes:

    In step 2, printenv will show you what is in your path. If you want to add another folder to your path, you can edit your .bash_profile file in your home directory by adding the directory to the PATH variable or if that variable is not in the file add a line export PATH=$PATH:/dir/dir/bin where you replace /dir/dir/bin with the actual directory you are placing the Command Line folder in.

    step 3 is a little unclear on what you need to do, so here are the details

    1. Read the README.macosx file in the Utilities/Startup folder to understand what directories/folders you need
    2. make a directory /Library/StartupItems/ChmodBPF.
    3. copy ChmodBPF and StartupParameters.plist in the Utilities/Startup folder into your newly created /Library/StartupItems/ChmodBPF directory.
    4. Make all of the files owned by root with wheel group using 
      cd /Library/StartupItems
sudo chown -R root:wheel ChmodBPF
    5. restart your mac (this will cause the ChmodBPF to actually run, otherwise you will still be running wireshark as you rather than root which means you will not see any interfaces to capture on).
    6. launch wireshark - if you get some warnings about errors loading MIBS, in wireshark Edit - Preferences - Name Resolution, click Edit 'SMI (MIB and PIB) paths. Click 'New' and add /usr/share/snmp/mibs/
  3. Enjoy wireshark.....
  4. New addtion - if you've upgraded through software update from verson 10.5.5 or 10.5.6, you may need to fix some symbolic links, that don't point to the upgraded libfontconfig libraries. Here's what mine looked like: 
    
ls -l /usr/X11/lib/libfontconfig*
-rw-r--r--  2 root  admin   149412  1 Apr  2009 /usr/X11/lib/libfontconfig.1.0.dylib
-rwxr-xr-x  1 root  wheel  1056752 19 Mar  2009 /usr/X11/lib/libfontconfig.1.3.0.dylib
lrwxr-xr-x  1 root  admin       23  1 Apr  2009 /usr/X11/lib/libfontconfig.1.dylib -> libfontconfig.1.0.dylib
-rw-r--r--  2 root  admin   188992  1 Apr  2009 /usr/X11/lib/libfontconfig.a
lrwxr-xr-x  1 root  admin       23  1 Apr  2009 /usr/X11/lib/libfontconfig.dylib -> libfontconfig.1.0.dylib
    Note the symbolic links point to libfontconfig.1.0.dylib rather than 1.3. If yours do too. Then you can fix them as follows: 
    
sudo ln -sF libfontconfig.1.3.0.dylib /usr/X11/lib/libfontconfig.1.dylib

sudo ln -sF libfontconfig.1.3.0.dylib /usr/X11/lib/libfontconfig.dylib