I would like to capture the communication between my browser and a server with Wireshark on mac os 10.6.6 but i can't get any interface..
So I went "in read me 1st" then through forums and i understood that I must put the ChmodBPF folder (provided with the soft) in the /Library/StartupItems directory in order to give to Wireshark access to the BPF device. (I hope I'm on the right way to solve the issue..)
I tried with the console and administrator session to do this but seems that i don't have permission to do this so i put it in /Library and just to try i launched ChmodBPF manually (still with administrator session) but I get this as answer : 'line 35: $1: unbound variable logout'
I m really stuck since more than 40 hours now, I read tutorials and watched videos on Wireshark and it seems really great, this is why I insist so much in trying to have it work, I keep on searching but now I m starting to believe that I wont find without ur help. Pls I need u :)
This question is marked "community wiki".
Something is amiss. So, let's try this. First we'll delete the ChmodBPF directory that you've created, then we'll copy the directory over properly.
1) Download the latest Wireshark .dmg file and open it up. If done properly, a new Finder window should open. Just leave it.
2) Open a terminal window. Issue this command to verify that the dmg is loaded in the usual spot: "ls /Volumes/Wireshark/Utilities/" If you see the list of files then it's loaded properly.
3) Now, let's delete what you've installed before. Issue this command: "sudo rm -rf /Library/StartupItems/ChmodBPF" If this returns an error then the ChmodBPF must not be there.
4) Now to copy the ChmodBPF startup item properly: "sudo cp -R /Volumes/Wireshark/Utilities/ChmodBPF /Library/StartupItems"
5) Now change the owner of the ChmodBPF startup item: "sudo chown -R root:wheel /Library/StartupItems/ChmodBPF"
6) Now just run "sudo SystemStarter start ChmodBPF" or reboot, and test it out.