Wireshark 3.2.4 on MacOS Catalina

asked 2020-06-18 15:05:08 +0000

Nolliwira gravatar image

updated 2020-06-20 17:54:25 +0000

grahamb gravatar image

What's going on with Wireshark ... downloaded and installed the software on Mac Mini with Catalina ... all was good.

Began capturing traffic ... it created two files then stop creating output files. However, capturing traffic continued displaying for two days. Then, I stop capturing traffic with hope to start over.

So, I set up capturing again and click start ... nothing happened. Capturing never worked again no matter what. The first time it worked WIFI was not enabled. Is Wireshark now a one time use app?

It seems that this software is either not ready for MacOS Catalina. Discovered if one clicked on the capture option to set capture and save to file, capture doesn't work.

However, if one double clicked on the interface, it starts to capture even without a filter. If I apply a capture filter UDP port 37008, the bar turns green, yet it doesn't capture.

I am sending traffic from a Mikrotik using packet sniffer tool on the UDP 37008 and with TZSP protocol ... when I set that up the capture nothing happens, yet it did when using the Wireshark for the first time.

Nolliwira gravatar imageNolliwira ( 2020-06-20 17:17:17 +0000 )edit

Doesn't capture, or doesn't show the packets you are expecting?

Jaap gravatar imageJaap ( 2020-06-20 18:11:13 +0000 )edit

1 Answer

answered 2020-06-20 19:28:22 +0000

Guy Harris gravatar image

t seems that this software is either not ready for MacOS Catalina.

It works fine for me with 3.2.4 on 10.15.5.

I've done a capture on en0 (my Wi-Fi adapter), stopped the capture, and started a new capture on en0 - it worked fine.

I opened the Capture Options dialog, selected the "Output" pane, put "/tmp/outfile.pcapng" in the file name, and clicked "Start" - it captured into the file in question. I captured to a temporary file, and did a "Save As" - that worked as well.

And I captured with a capture filter of "udp port 53", and did some DNS lookups (with nslookup) - that captured the DNS packets.

