Wireshark · Wireshark-dev: [Wireshark-dev] Problems capturing on Mac OS X

[Matthew Lucas <lucas.mat@xxxxxxxxx>]

Hi there,

I'm trying to run wireshark on my 2008 MacBook Pro, running Mac OS 10.6.6. I'm an admin user and I've copied the ChmodBPF folder to /Library/StartupItems and restarted my machine to cause it to run. On restart I got the following error:

When I navigate to /Library/StartupItems/ChmodBPF/ and run the ChmodBPF script, I get the following: 

Last login: Sun Feb  6 21:45:06 on ttys000

/Library/StartupItems/ChmodBPF/ChmodBPF ; exit;

Matts-MacBook-Pro:~ matt$ /Library/StartupItems/ChmodBPF/ChmodBPF ; exit;

/Library/StartupItems/ChmodBPF/ChmodBPF: line 35: $1: unbound variable

logout

[Process completed]

When I run Wireshark, there are no network interfaces listed, and if I start a capture listing "en0" which is the name of the network port I want to capture on, it tells me there's no such device.

Having read through all the documentation, it appears that the files that require permission change are in /dev - however I have no such folder. I've unhidden the hidden files and folders, and I've tried Go->Go to Folder->/dev to which I get the response "The folder can't be found". I certainly haven't deleted it, and from what I've read, I would imagine I would be having some fairly severe difficulties if I had, so it must have been intentionally moved or removed, presumably by Apple and presumably with a point update. So the question is, is all of this compatible with 10.6.6, and if it's not, is there something I can do manually to resolve it? Or have I simply done something wrong?

Regards,

Matthew Lucas

Mobile: 07595 220310

Home: 01432 340485