Wireshark MacOS Integration

2600
Posts: 36
Joined: Mon Mar 20, 2017 7:45 pm

Wireshark MacOS Integration

Post by 2600 » Tue Mar 28, 2017 7:13 pm

Is there a way to effectively integrate Wireshark on a Mac? I don't see anything in the HowTo section.

Thanks in advance.

ramindia
Posts: 409
Joined: Sun Mar 19, 2017 10:27 pm

Re: Wireshark MacOS Integration

Post by ramindia » Tue Mar 28, 2017 7:35 pm

2600 wrote:
Tue Mar 28, 2017 7:13 pm
Is there a way to effectively integrate Wireshark on a Mac? I don't see anything in the HowTo section.

Thanks in advance.

I have not tried it myself, but I know a person who uses it; here is the YouTube video for your reference.

https://www.youtube.com/watch?v=JRk9ZsgNwr4

R!

2600
Posts: 36
Joined: Mon Mar 20, 2017 7:45 pm

Re: Wireshark MacOS Integration

Post by 2600 » Sat Apr 01, 2017 5:00 pm

That doesn't work now in EVE-NG. I am not an expert in AppleScript, but for me, this fails to launch Wireshark, though it does run a tcpdump. This method DID work with the old Unetlab.

mike
Posts: 135
Joined: Wed Mar 15, 2017 3:30 pm

Re: Wireshark MacOS Integration

Post by mike » Sat Apr 01, 2017 5:39 pm


2600
Posts: 36
Joined: Mon Mar 20, 2017 7:45 pm

Re: Wireshark MacOS Integration

Post by 2600 » Sun Apr 02, 2017 11:56 am

I don't know why it wasn't working. I just had to remove Wireshark and reinstall and all started working again.

vikingodeloxxo
Posts: 3
Joined: Tue Apr 04, 2017 10:56 pm

Re: Wireshark MacOS Integration

Post by vikingodeloxxo » Fri Apr 07, 2017 1:55 am

Hi,

In case you want to modify your own Wireshark app on the Mac, I was able to make it work by doing the following:

In the Library, I browsed to /Applications/Wireshark.app/Contents and added the following to the Info.plist file:

...
		<!-- XXX - This dictionary needs a lot more entries -->
	</array>
+	<key>CFBundleURLTypes</key>
+	<array>
+ 	<dict>
+   	<key>CFBundleURLName</key>
+    		<string>SysPref Handler</string>
+    	<key>CFBundleURLSchemes</key>
+   	<array>
+     		<string>capture</string>
+    	</array>
+ 	</dict>
+	</array>
	<key>CFBundleInfoDictionaryVersion</key>
	<string>6.0</string>
...
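
Review bot: The `capture` scheme in the added CFBundleURLSchemes array is registered system-wide with no restriction on the caller, so any local application or clicked link that opens a capture:// URL will be routed to Wireshark. The hunk does not show what parses that URL, so whatever handler receives it should validate the host and interface fields before they reach a capture command. The CFBundleURLName value `SysPref Handler` does not describe a packet-capture scheme; a reverse-DNS style name tied to the lab tool would make the registration easier to audit. Info.plist is covered by the bundle's code signature, so on a signed build this hand edit invalidates the signature and should be checked with codesign after the change. The added lines also mix tabs and spaces, unlike the tab-indented context lines around them.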

2600
Posts: 36
Joined: Mon Mar 20, 2017 7:45 pm

Re: Wireshark MacOS Integration

Post by 2600 » Fri Apr 07, 2017 1:58 am

That is very interesting.

However, that probably needs to be re-done after each upgrade, right?
