Apr 06, 2015
The other day I was playing with a network simulator called GNS3.
GNS3 is a hardware emulation package (or as recondite geeks like to say “hypervisor”) that lets you set up and connect virtual appliances like Cisco routers and switches. It’s great because you can set up complete networks, Windows 2012 Active Directory domain controllers, web servers or really any network topology your incandescent mind can dream up. And the entire network environment is insular. It doesn’t interfere with your production network. So you can test and break things without any worries. GNS3 is a great tool. It’s free and can keep you entertained for hours.
I’ve used GNS3 on my Windows 8.1 machine but never on my Mac.
So I’m new to this whole thing – but I figured I’d share what I learned today.
After setting up the app, I realized if I right clicked a virtual ethernet cable (the black lines that connect the devices) a pop-up would sprout telling me that I could start a capture.
Intrigued, I realized that I could capture packets between my virtual devices and analyze the protocols! This really got me going because I knew it would help me understand how the protocols worked and really grasp the fundamentals of TCP/IP networking.
So what did I do?
Well, GNS3 doesn’t ship with a protocol analyzer so I needed to get my own.
Wireshark is my favorite on the PC so I went on the hunt for a version available for Mac. wireshark.org had exactly what I needed.
I quickly grabbed the DMG, dumped it in my Applications folder (Shift + Command + a) and fired up the app.
The blue dorsal fin icon began to bounce in the Dock as if to say “Look at me! Look at Me!” but then something unexpected happened…
I was greeted with a screen asking me where something called X11 was located?
What the heck is X11 and why didn’t this happen on my PC?
I did some Googling and discovered X11 is the thing that makes UNIX pretty. It’s the graphical user interface (GUI) for UNIX apps. Back in the late 90s when I left the dark and austere world of MS-DOS for Windows 95, UNIXphiles were dragging and minimizing windows in a system called X-Windows (or sometimes X11).
Wireshark needs the X11 interface to run. I needed to get this X11 thing.
Fortunately this turned out to be super easy. There’s a nifty little program called XQuartz that lets Mac users run applications that need the X11 environment. To run Wireshark all I needed to do was download and install XQuartz.
The installer breezed through the first 5/8ths of the process but then seemed to hang on Running package scripts where it ironically said I had about a minute remaining in the install time.
Don’t you hate it when that happens? The installer makes you wait until 99%. There’s a single pixel of space between it and the 100% mark but then it just gives up and says “Ha, I was just kidding! I’m going to make you wait even longer”
Man that was one looooong minute. It was probably stuck here for 15 full minutes. I actually thought the application froze but it was really just moving at a glacial pace.
Once the second ice age passes, click the Wireshark icon and wait an equally long time for it to start up. For some reason it took my poor Macbook Air an eternity to start the app.
If that happens to you, press Command + q to quit Wireshark; the second time it starts up you should see the Where is X11? window again.
But this time we have it – we know exactly where X11 is – we just need to know where to look.
Click Browse and scroll down to X11 in the Utilities folder.
After clicking Choose in the bottom right corner of the Finder, you’ll see Wireshark attempt to start up but it still needs a little help. The XQuartz icon should automatically leap into your dock after you attempt to open Wireshark (Command + Shift, “wireshark”).
It’ll still take a while for the application to start up the first time; however, I expedited the process by closing and reopening the application three times before it caught on.
Don’t worry: if you installed XQuartz, Wireshark will load; you just have to wait about five minutes before it opens on the initial load.
Thank God this was only the case for the initial start. Subsequent starts opened appreciably quicker.
Now back in GNS3, it’s really easy to capture traffic in your virtual lab.
Start all your devices (or all relevant devices) by clicking the Play button, then right-click the link and choose Start Capture. A new Wireshark instance will spawn.
Right now it looks empty because my Virtual PC isn’t doing anything.
But we can spit out a few pings to change that!
Wow look at that.
You can actually see the ICMP echo replies and responses in the output when I ping my default gateway of 10.0.0.1.
There you go.
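To check the same ping exchange without the GUI, here is an added example (not part of the original post) that goes one step further: it parses a capture saved in classic libpcap format and pairs each ICMP echo request (type 8) with its echo reply (type 0) by identifier and sequence number. The sample capture is constructed inline; the PC address 10.0.0.2 and the identifier 0x1234 are assumptions, and only 10.0.0.1 comes from the post.

```python
import struct

def icmp_echoes(pcap: bytes):
    """Yield (src, dst, icmp_type, ident, seq) for ICMP echo packets in a classic pcap."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"                      # little-endian capture file
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"                      # big-endian capture file
    else:
        raise ValueError("not a classic libpcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    off = 24                           # skip the 24-byte global header
    while off + 16 <= len(pcap):
        caplen = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 1:
            continue                   # not IPv4 carrying ICMP
        icmp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(icmp) < 8:
            continue                   # truncated ICMP header
        typ, _code, _cksum, ident, seq = struct.unpack("!BBHHH", icmp[:8])
        if typ in (0, 8):              # 8 = echo request, 0 = echo reply
            yield (".".join(map(str, frame[26:30])),
                   ".".join(map(str, frame[30:34])), typ, ident, seq)

def unanswered(pcap: bytes):
    """Echo requests (src, dst, ident, seq) with no matching reply in the capture."""
    pending = set()
    for src, dst, typ, ident, seq in icmp_echoes(pcap):
        if typ == 8:
            pending.add((src, dst, ident, seq))
        else:                          # a reply travels dst -> src of the request
            pending.discard((dst, src, ident, seq))
    return sorted(pending)

def _frame(src, dst, typ, seq):
    """Constructed Ethernet/IPv4/ICMP frame; checksums are zero and not validated."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0, bytes(src), bytes(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!BBHHH", typ, 0, 0, 0x1234, seq)

PC, GW = (10, 0, 0, 2), (10, 0, 0, 1)  # PC address is assumed; 10.0.0.1 is the gateway
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # constructed header
for n, f in enumerate([_frame(PC, GW, 8, 1), _frame(GW, PC, 0, 1), _frame(PC, GW, 8, 2),
                       _frame(GW, PC, 0, 2), _frame(PC, GW, 8, 3)]):
    SAMPLE += struct.pack("<IIII", n, 0, len(f), len(f)) + f

if __name__ == "__main__":
    print(unanswered(SAMPLE))          # the third ping has no reply in the sample
```

To run it on a real capture, pass the bytes of the saved file to `unanswered()` instead of `SAMPLE`.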
This may sound stupid but I literally spent hours trying to figure out how to get Wireshark working on my Mac. I didn’t want you to share my discomfiting journey so I figured I owed it to you…. I figured it was my duty to share how I did this.
I hope it helps! Cheers.
Wireshark 3.2.5 (64-bit)
macOS X 10.12 Sierra or later
Author / Product: Wireshark Foundation / Wireshark for Mac (64-bit)
Wireshark 3.2.5 Intel 64.dmg
Wireshark for macOS was written by networking experts around the world, and is an example of the power of open source. The app is used by network professionals around the world for analysis, troubleshooting, software and protocol development and education.
The program has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements.
Features and Highlights
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text