I've done everything that I have read to do to properly install wireshark on tiger. I have X11 installed and properly updated. When I double click the wireshark icon from the applications folder, the wireshark icon appears in the dock, then X11 appears, then wireshark disappears and X11 sits idle.
I don't think that Wireshark will run on Tiger. I think it's Leopard only. There is no installer for Tiger at http://www.wireshark.org/download.html , only Leopard installers for PPC or intel.
My memory for such things is not great, but I am fairly sure that I had it pre-Leopard. Or was it Ethereal in those days? Anyway, there is a version on
versiontracker that claims Tiger compatibility.
Hey A.K. -- okay I gotta concede that one -- v0.1 (May2007) sez' it's Tiger compatible. I am guilty of jumping to conclusions as to whether the O.P. was linking to Christian Hornung's website via versiontracker/macupdate, or linking directly to wireshark.org and grabbing v1.2.1 (Jul2009).
this didn't work, or maybe i'm doing it wrong. when the terminal came up i typed sudo wireshark and pressed return. it said sudo: wireshark: command not found
Try "open /Applications/Wireshark.app" (or whatever full path to the application). You can type "open" followed by a space bar then drag the Wireshark application icon into the terminal window in order to complete the command. Then, of course, depress the \[return] key. You are running v0.1 then? And did you type this in an X11 window or in a Terminal.app window?
You learn something every day! I find that in my case I don't need to start X11, as if I give the command in an ordinary terminal window if first fires up X11 and then Wireshark. I have the directory added to my unix $PATH, but I can also just type /usr/local/bin/wireshark. I am running version 0.99.6, so maybe it is time I updated it.
yeah, on my v1.2.1 double-clicking on the WireShark icon launches an instance of X11 then launches Wireshark inside that, similar to your experience of launching from Terminal command line.
If you update to 1.2.1, I don't know how 0.99.6 behaves, but starting with about v1.0.6, there was some "manual" modifications that you have to make with some path declarations so the program works right. And they have to be set up for each user of the application. I found out about it reading someone else's post about problems with Wireshark and some other smart guy on these forums had gotten the O.P. straightened out. That's as good as I can do for giving credit where credit is due.
You have to:
Go into Wireshark - Edit - Preferences Select Name Resolution Click 'Edit' 'SMI (MIB and PIB) paths' Add new path: /usr/share/snmp/mibs Find line in /Library/StartupItems/ChmodBPF/ChmodBPF that reads 'chgrp admin /dev/bpf*' is changed to 'chgrp staff /dev/bpf*' This last item is if you do what the readme says when installing it, and put ChmodBPF in the startup items folder and you want regular non-privileged user accounts to be able to run it.
Now, to try to get back on track with the original post, I would just have to say that I would check whether the version the O.P. has, is in fact the v0.1 that is purportedly Tiger capable. If the O.P.'s version is a download from wireshark.org, it appears to me that the versions currently posted there only support Leopard.
This thread has been closed by the system or the community team.
You may vote for any posts you find helpful, or search the Community for additional answers.
wireshark wont run
Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
