Wireshark-users: Re: [Wireshark-users] Gtk-WARNING **: cannot open display:

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 13 Feb 2007 11:39:06 -0800
Robert D. wrote:

> My google searching discovers this is pervasive. None the less, I can't
> seem to solve it on my system.
>
> If I type: sudo wireshark in Terminal (and give password) then I get:
>
> (wireshark:528): Gtk-WARNING **: cannot open display:

What if you do

	echo $DISPLAY

in Terminal?

If it doesn't print:

:0.0

then you need to do either

	DISPLAY=:0.0; export DISPLAY

if you're using a Bourne-compatible shell (bash, ksh) or

	setenv DISPLAY :0.0

if you're using a C-shell-compatible shell (tcsh).

If you do that in your .login or .profile, it'll happen automatically.

> If I navigate waaaaay down the tree in
> opt/local/var/db/dports/software/wireshark/0.99.5_0+darwin_8/opt/local/share
>
> and double click the unix executable Wireshark, then it runs but
> obviously hasn't the ability to find the network points.

"Obviously"? Why? Because it's not running as root? If so, note Luis Ontanon's comment. The libpcap source tree has an OS X startup item that sets the permissions on the BPF devices for you, so you don't have to do it after every reboot; I've attached it (it's a bzipped tarball; extract it into /System/Library/StartupItems, so that there's a ChmodBPF directory under /System/Library/StartupItems).

> One time, shortly after re-installing X-11 this morning, I was able to
> do a sudo wireshark and have it run correctly AND locate the various
> network points.
>
> When I discovered that none of my running programs could get to the
> Internet anymore, I suspected Wireshark had intercepted the en1 path

No, it doesn't intercept the en1 path. However, on some Intel-processor notebooks, with the standard libpcap, Wireshark will end up opening the "monitor mode" version of en1, which causes it to de-associate from whatever network you're associated with.

I think Andreas Fink's Wireshark package for OS X:

	http://www.finkconsulting.com/page7.php

is built with a version of libpcap that avoids this. (The Fink and DarwinPorts packages, as far as I know, are built with the standard libpcap in OS X.)

Attachment: ChmodBPF.tar.bz2
Description: Binary data
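
The two checks discussed in this message, as an added example that is not part of the original post or of the attached ChmodBPF item: whether `DISPLAY` is set, and whether the BPF devices are readable by the current user so that capture does not need root. The function names and the optional directory argument are assumptions made for illustration; `/dev/bpf*` is where OS X exposes the BPF devices.

```shell
#!/bin/sh
# Added example, not from the original message. Function names and the
# optional directory argument are illustrative assumptions.

# display_status VALUE: "set" if VALUE is non-empty, otherwise "unset".
display_status() {
    if [ -n "$1" ]; then echo set; else echo unset; fi
}

# bpf_status [DIR]: count BPF device nodes under DIR (default /dev) and how
# many the current user can read. Prints "none" or "readable=N total=M".
bpf_status() {
    dir=${1:-/dev}
    total=0
    readable=0
    for dev in "$dir"/bpf*; do
        [ -e "$dev" ] || continue        # glob matched nothing
        total=$((total + 1))
        if [ -r "$dev" ]; then readable=$((readable + 1)); fi
    done
    if [ "$total" -eq 0 ]; then
        echo none
    else
        echo "readable=$readable total=$total"
    fi
}

# capture_report DISPLAY_VALUE [DIR]: print one advice line per check.
capture_report() {
    if [ "$(display_status "$1")" = unset ]; then
        echo "DISPLAY is unset: run 'DISPLAY=:0.0; export DISPLAY' (Bourne shells)"
    else
        echo "DISPLAY is $1"
    fi
    case "$(bpf_status "$2")" in
        none)           echo "no BPF devices found" ;;
        "readable=0 "*) echo "BPF devices not readable: fix permissions instead of using sudo" ;;
        *)              echo "BPF devices readable: capture can run without root" ;;
    esac
}

# Report on the current session as the invoking (non-root) user.
capture_report "${DISPLAY:-}" /dev
```

Run it as your normal user rather than under sudo, since root can read the devices regardless of their permissions.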