长平狐 发布于 2012/08/13 15:44
阅读 354
收藏 0



sudo chmod 644 /dev/bpf*


然后重启wireshark, 就可以正常用wireshark的功能了。但这个方法每次重启电脑后又要重新运行命令才行,如果你常用wireshark,那有一个一劳永逸的办法,具体参看:




Unfortunately every time you reboot this will reset, but if you are a frequent user of Wireshark you can add the ChmodBPF StartupItem to alter them automatically (available in the Utilities folder on the Wireshark disk image). To install you’ll need to follow two steps.

First, drag the ChmodBPF folder to the StartupItems alias in the same folder (or drag it to /Library/StartupItems directly). Type your password to authenticate and move the folder into the correct location.

The second requirement is only for 10.6+ users. Starting with Snow Leopard the security permissions of StartupItems are being enforced. Scripts that do not have the proper owner and group will receive this error:

Insecure Startup Item disabled. – “/Library/StartupItems/ChmodBPF” has not been started because it does not have the proper security settings

The proper security settings are ownership of the scripts by root and group of wheel.1 To set them:

sudo chown -R root:wheel ChmodBPF
  1. The correct settings for startup items can be found in this Apple KB article 







以前在windows下有很多这类工具,如sniffer。我今天用它深入了解了一下HTTP protocol.