Right now I am using MacOS X with version 10.6.7 and a 2 Ghz Intel Core duo. Every time I double click Wireshark, the program opens and then instantly quits. Can you explain to me what's going on? If you need more info please let me know. Thanks. asked 17 May '11, 11:21  redelman431 edited 19 Apr '12, 12:25  grahamb ♦ showing 5 of 9 show 4 more comments |
2 Answers:
try installing XCode. answered 18 Apr '12, 09:00  Abhishek |
Did you install this from one of the .dmg's on wireshark.org? If so, did you install the 32-bit Leopard version or the 64-bit Snow Leopard version? If you have a Core Duo processor, rather than a Core 2 or a Core i{3,5,7} processor, you have a 32-bit processor and the 64-bit version will not run, so you have to install the 32-bit Leopard version even though your machine is running Snow Leopard (we aren't building a 64-bit Leopard version). answered 18 Apr '12, 11:20  Guy Harris ♦♦ |
What version of Wireshark are you using?
version 1.4.6
@redelman431 Can you try 1.6.0rc1?
Same thing happens.
Are you able to run tshark from the command-line? What happens if you try to start Wireshark from the command-line - do you get any error messages printed out?
Your console log should be capturing these crashes (
/Applications/Utilities/Console). Also check for Wireshark crash reports in~/Library/Logs/DiagnosticReports/wireshark-bin_*.crash.This is a common problem and so far there are no good answers. The best answer I have seen about this is: https://discussions.apple.com/thread/3873212?start=0&tstart=0 at the bottom he says: Easiest? Contact the folks that are administering the Wireshark download kit for OS X, and tell them that it's broken, and pass along the errors you're getting.
The Wireshark installer package deals with the installation itself; with locating the tools in the expected places. (Wireshark is clearly not set up as a Mac application bundle - which you could then drag where you want ...
There's no "this" here - there's more than one problem. The problem redelman431's seeing might be the comment "libfreetype is too old" problem, or it might be "running the 64-bit build on a 32-bit machine".
The fastest way to try to deal with the "libfreetype is too old" problem is to update to 10.6.8 and install all the security updates (keep running Software Update until it has no updates for you); that could get things going in a relatively short period of time.
And, actually, Wireshark is an application bundle that you can drag elsewhere - I just did that (dragged it from
/Applicationsto my home directory) and it worked. The bundle doesn't include libfreetype, but it doesn't include libSystem either; it relies on the OS to supply that. (If MrHoffman thinks that only drag-install apps are application bundles, he's mistaken.)The problem is that, as per bug 5937, Wireshark is built against the library versions on the buildbot.