Wireshark 说明文档

Before You Begin

 

This release of Wireshark requires Mac OS X 10.5.5 or later. If you are running Mac OS X 10.5.4 or older you can install using another packaging system such as MacPorts or Homebrew.

 

Quick Setup

 

1. Simply double-click the Wireshark package. For details about the installation read below.

 

What changes does the installer make?

 

The installer writes to the following locations:

 

• /Applications/Wireshark.app. The main Wireshark application.
• /Library/LaunchDaemons/org.wireshark.ChmodBPF.plist. A launch daemon that adjusts permissions on the system's packet capture devices (/dev/bpf*) when the system starts up.
• /Library/Application Support/Wireshark/ChmodBPF A copy of the launch daemon property list, and the script that the launch daemon runs.
• /usr/local/bin. A wrapper script and symbolic links which will let you run Wireshark and its associated utilities from the command line. You can access them directly or by adding /usr/local/bin to your PATH if it's not already in your PATH.

• /etc/paths.d/Wireshark. The folder name in this file is automatically added to PATH
• /etc/manpaths.d/Wireshark. The folder name in this file is used by the man command.

 

Additionally a group named access_bpf is created. The user who opened the package is added to the group.

 

How do I uninstall?

 

1. Remove /Applications/Wireshark.app
2. Remove /Library/Application Support/Wireshark
3. Remove the wrapper scripts from /usr/local/bin
4. Unload the org.wireshark.ChmodBPF.plist launchd job
5. Remove /Library/LaunchDaemons/org.wireshark.ChmodBPF.plist
6. Remove the access_bpf group.
7. Remove /etc/paths.d/Wireshark
8. Remove /etc/manpaths.d/Wireshark

 

How does the wrapper script work? What if I move Wireshark.app?

 

The script should find the Wireshark application bundle and run the appropriate executable automatically. It looks for Wireshark.app in the following locations:

 

• The path set in the WIRESHARK_APP_DIR environment variable
• /Applications/Wireshark.app
• The first path returned by mdfind "kMDItemCFBundleIdentifier == 'org.wireshark.Wireshark'"

 

If you move Wireshark.app the script should automatically find it. If it doesn't you will have to set WIRESHARK_APP_DIR to the path to (and including) Wireshark.app. Automatic discovery might fail if you have multiple copies of Wireshark installed on your system or if Spotlight indexing isn't working properly.

转载于:https://www.cnblogs.com/hcy-fly/p/8479813.html