Wireshark on Snow Leopard

Category: Tech Comments: 2 comments

Finally fixed a bug that’s been annoying me for months. I managed to get Wireshark up and running on OSX Snow Leopard – without any crappy workarounds such as running it inside a virtual XP machine. The video below by dangribbin explains it all.

Summarizing the steps:

  1. Download and mount Wireshark for 10.5 Leopard Intel
  2. Drag Wireshark to Applications
  3. Open a terminal and type:
    defaults write com.apple.finder AppleShowAllFiles YES
    killall Finder
    com.apple.Finder (i.e. Finder with a capital F) did not work for me!
    – For more info on defaults type man defaults.
  4. Create /usr/local/bin/ if you don’t already have one.
  5. Drag the Command Line utilities into /usr/local/bin/.
  6. Drag ChmodBPF folder to Startup Items.
  7. In the terminal type:
    sudo chown -R root:wheel ChmodBPF
  8. Launch Wireshark
  9. Add /usr/share/snmp/mibs/ under Edit Preferences Name Resolution SMI (MIB and PIB) paths Edit New
  10. Reboot, done!

    2 comments to Wireshark on Snow Leopard

    • ed  says:

      Mi problem is that under edit-preferences-Name resolution i got no SMI (MIB and PIB) edit option i wen i try to scan there are no interfaces to capture on!

    • teknopipo  says:

      Have you got the latest Wireshark version? What options do you get under Edit>Preferences>Name Resolution?

    Leave a reply

    You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>