wireshark强大的抓包工具

wireshark是跨平台的抓包工具，官网在:http://www.wireshark.org/,

我在mac上安装了wireshark，但运行的时候不能detect到device，或说我没有权限。解决办法就是在命令行输入

sudo chmod 644 /dev/bpf*

然后重启wireshark, 就可以正常用wireshark的功能了。但这个方法每次重启电脑后又要重新运行命令才行，如果你常用wireshark，那有一个一劳永逸的办法，具体参看：

http://langui.sh/2010/01/31/no-interfaces-available-in-wireshark-mac-os-x/

＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝以下是转载＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝

Unfortunately every time you reboot this will reset, but if you are a frequent user of Wireshark you can add the ChmodBPF StartupItem to alter them automatically (available in the Utilities folder on the Wireshark disk image). To install you’ll need to follow two steps.

First, drag the ChmodBPF folder to the StartupItems alias in the same folder (or drag it to /Library/StartupItems directly). Type your password to authenticate and move the folder into the correct location.

The second requirement is only for 10.6+ users. Starting with Snow Leopard the security permissions of StartupItems are being enforced. Scripts that do not have the proper owner and group will receive this error:

Insecure Startup Item disabled. – “/Library/StartupItems/ChmodBPF” has not been started because it does not have the proper security settings

The proper security settings are ownership of the scripts by root and group of wheel.¹To set them:

sudo chown -R root:wheel ChmodBPF

1. The correct settings for startup items can be found in thisApple KB article↩

＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝转载完毕＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝

以前在windows下有很多这类工具，如sniffer。我今天用它深入了解了一下HTTP protocol.

你可以参看：http://www.360doc.com/content/10/0930/17/3668821_57590979.shtml