Wireshark is every
fly fisher who’s missing the fall brown run’s ubergeek’s favorite network protocol analyzer, both because it kicks main butt, and it’s free. With the recent upgrade to Snow Leopard, I finally found a need to upgrade. Then the trouble started (i.e. Wireshark didn’t work anymore). After doing a little research and scanning the support boards, I’ve got it running error free. But as the tips I used to get it that way are spread across the interwebs, I’m assembling the step-by-step here for the rest of you streamer-obsessed knuckleheads who are breaking fly rods over their knees as we speak Wireshark/Snow Leopard users who have just as little time on their hands as I do right now.
Download Wireshark from here. Mount the .dmg file.
Drag the Wireshark application icon to the handy dandy Applications alias the fine developers at Wireshark provided for you in that disk image. Then, open up the Utilities folder in the disk image, and drag the ChmodBPF folder into the StartupItems alias sitting below it. After that, open up a new finder window and navigate to
/usr/local/bin. Open up the Command Line folder in the disk image (under /Utilities) and drag those contents over to
/usr/local/bin. You’ll probably have to authenticate at that point, so do so.
Open up a terminal window and type in the following commands:
sudo chown -R root:wheel ChmodBPF
You’ll probably be asked to enter an su password. Do so. Then exit terminal.
Go to Applications and click on Wireshark. When the application opens you’ll probably see a another window open up along with it containing a bunch of errors. Close that window. Next, select Edit then Preferences from the Wireshark application window. Select Name Resolution, and click the Edit button next to “SMI (MIB and PIB paths”. Click the new button, and enter
/usr/share/snmp/mibs/ in the little Directory Path popup window. Click Apply, and then Close.
Exit Wireshark and reboot.
All should be well in network protocol analyzer-ville.
UPDATE: Please note that these instructions applied to Wireshark Version 1.2.2 (SVN Rev 29910), and several comments have suggested that newer versions of Wireshark may no longer support libSMI. For this issue I can only suggest checking the Wireshark user guide and/or the wiki.