Wireshark is a network protocol analyzer for Unix and Windows. I would not vote for the “Unix” declaration. Unix is not Linux, right?
Wireshark does not start after install
Wireshark does not work out of the box, as it requires X11 Quartz to run in the background. The X11 libraries cannot be found, as Wireshark expects them to be in a different location. The error looks like:
2015-02-08 07:38:03.043 defaults[14411:90526] The domain/default pair of (kCFPreferencesAnyApplication, AppleAquaColorVariant) does not exist 2015-02-08 07:38:03.052 defaults[14412:90531] The domain/default pair of (kCFPreferencesAnyApplication, AppleHighlightColor) does not exist dyld: Library not loaded: /usr/X11/lib/libcairo.2.dylib Referenced from: /Applications/Wireshark.app/Contents/Resources/bin/wireshark-bin Reason: image not found Trace/BPT trap: 5
The solution is simple, to create a link to the X11:
sudo ln -s /opt/X11 /usr/X11
Yes, it is unbelievable, but the graphical view of Wireshark is not as nice as on other operating systems. Apparently, the X11 requirement makes the program hard to create in a unix-compatible way.
Here are some hints to make it less ugly, but do not expect miracles here…
Go for the built in command-line dedicated
tcpdump. Wireshark builds upon it anyway…