Many new Wireshark users on Mac OS X run into an issue where no interfaces show up when trying to begin packet capture. If you attempt to manually input an interface (such as en0) this error will occur:
The capture session could not be initiated ((no devices found) /dev/bpf0: Permission denied).
To have the interfaces show up properly you’ll need to widen the permissions on the Berkeley Packet Filter (BPF) device files, /dev/bpf*. By default they look like this:
crw------- 1 root wheel 23, 0 Jan 31 13:47 /dev/bpf0
We need the devices to be readable by non-root users (mode 644 lets every local account open them for reading), so open Terminal.app and run this command:
sudo chmod 644 /dev/bpf*
Unfortunately every time you reboot this will reset, but if you are a frequent user of Wireshark you can add the ChmodBPF StartupItem to alter them automatically (available in the Utilities folder on the Wireshark disk image). To install you’ll need to follow two steps.
First, drag the ChmodBPF folder to the StartupItems alias in the same folder (or drag it to /Library/StartupItems directly). Type your password to authenticate and move the folder into the correct location.
The second requirement is only for 10.6+ users. Starting with Snow Leopard the security permissions of StartupItems are being enforced. Scripts that do not have the proper owner and group will receive this error:
Insecure Startup Item disabled. – “/Library/StartupItems/ChmodBPF” has not been started because it does not have the proper security settings
The proper security settings are ownership of the scripts by root and group of wheel. To set them:
sudo chown -R root:wheel ChmodBPF
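The ownership requirement above can be verified before the next reboot. The following is an added example, not part of the original post or of the Wireshark disk image: a hypothetical helper, audit_startup_item, that lists every path under a StartupItem folder not owned by root:wheel. It also flags group- or world-writable entries, which is an extra check assumed here and not something the post states.

```shell
#!/bin/sh
# Added example (not from the original post): audit a StartupItem folder.
# audit_startup_item is a hypothetical helper name.
#
# usage: audit_startup_item DIR [OWNER] [GROUP]
#   Prints every path that fails the check. Returns 0 if the folder is
#   clean, 1 if anything was flagged, 2 if DIR is unusable or find fails.
audit_startup_item() {
    item=$1
    owner=${2:-root}     # owner the post says is required
    group=${3:-wheel}    # group the post says is required

    if [ ! -d "$item" ]; then
        echo "not a directory: $item" >&2
        return 2
    fi

    # Flag a wrong owner, a wrong group, or (assumption, stricter than the
    # post) any non-symlink entry that group or other can write to.
    # A find error (e.g. unknown group name) must not read as "clean".
    bad=$(find "$item" \( ! -user "$owner" -o ! -group "$group" -o \
              \( ! -type l \( -perm -020 -o -perm -002 \) \) \) -print) || {
        echo "find failed on: $item" >&2
        return 2
    }

    if [ -n "$bad" ]; then
        printf '%s\n' "$bad"
        return 1
    fi
    return 0
}

# Example call after installing the item as described in the post:
#   audit_startup_item /Library/StartupItems/ChmodBPF
```

An empty result with exit status 0 means every file and folder in the item matches the expected owner and group.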
I have returned from my trip to Costa Rica! Typically I don’t write about my personal experiences on this blog, but I’ve decided to try a photo journal style entry this time. Don’t worry, your regular nerd posts will resume shortly. As always, click the photo to go to the Flickr page. From there you can view any photo in much larger sizes. Be sure to view the set in its entirety as well.
Barbed wire coiled on a trail 3km from Arenal Volcano
To see more from each day (31 total) view the entire set.
Bash is an extremely powerful shell, but its shortcuts are not readily apparent. Here are a few shortcuts and tips that I’ve noticed many (already proficient) bash users are not aware of. You can also check out Improved Bash History and More Useful Bash/Terminal Settings for more ideas for improving your bash productivity.
When editing a long command, there are quite a few navigation and editing shortcuts. By default bash typically operates in emacs mode.
Meta keys are a bit tricky since they can differ based on your terminal application. On Windows/Linux it is typically Alt and on Mac OS X Terminal.app defaults to using Esc (but you can change it to option/alt in the preferences).
However, bash also has a vi/vim editing mode. To enable this type “set -o vi”. At this point all the typical vi shortcuts are available if you enter command mode (by hitting Esc). I don’t recommend using this unless you are very comfortable with vi already.
You can search through your history and rapidly find a command used previously with reverse-i-search. To invoke, press Ctrl-R and start typing. If you have multiple matches, hit Ctrl-R to cycle through them all. When coupled with an improved bash history this is an extraordinarily useful tool.
Bash allows you to stop, background, and foreground tasks. To background a process before it starts simply add & to the end of your command.
mycommand &
[1] 1922
If you have an already running task and you’d like to stop it press Ctrl-Z. This task will obtain a job number (the number in brackets).
[1]+ Stopped mycommand
You can then resume the task in the foreground with fg # or background it with bg #. To see a list of jobs that have been backgrounded or stopped type jobs.
Bash has two main output buffers: stderr and stdout. Both of these, by default, output to your terminal window.
I got tired of the performance issues I was having so I’ve migrated my blog to a Slicehost slice (512MB). Hopefully nothing is broken, but if you notice something let me know. Everything should load more quickly and consistently going forward!
To make up for posting that downer of a TSA article how about some photos from the day I spent in Jasper National Park? Click any image to go to the Flickr page and see it in larger sizes. Or you could just view the entire set!
Having just returned from a trip to Canada I have now experienced the new TSA security theater for flights inbound to the US from abroad. Hopefully your own experience will not mirror mine, but if these restrictions stay in place this post could be helpful to some.
At check-in we discovered that the TSA will allow outbound flights to take backpacks and carry-ons, but when coming back into the country you must check them. In my case I was required to check both my backpack and my suitcase. This incurred a $20 charge for something I was forced to do, but the agent “generously” allowed me to check my backpack for free. Since that backpack was explicitly designed to hold only my laptop and camera equipment I had to pick a lens, attach it to my camera body, grab my (bare) laptop, and hope the rest of my equipment wasn’t damaged.
Once we dropped off our bags we entered the actual screening line. The staff there announced that each passenger would have their personal effects individually inspected and then they would undergo a body search. My agent searched through the belongings I had left (cell phone, keys, belt, shoes, wallet, coat, camera, and laptop) relatively thoroughly. She even looked through my wallet. I was informed that the new rules do allow laptop bags as long as they contain nothing but laptop-related equipment, as well as camera bags with the same restriction. Of course, you can’t carry two bags on so that doesn’t help people who need both.
After this I was supposed to receive a pat down search, but since every screener was busy the agent used an alternate method. She instructed me to rub my hands in my pockets and then hold my palms out face up so she could rub a tissue on my hands to check for bomb residue. Once cleared I was allowed to gather my things and proceed to the gate.
On the plane the lack of a case for my camera or laptop became more of an issue. Both overhead and under the seat are difficult locations when your equipment has no protection, but eventually my items were stowed. We were seated in the second to last row of the plane, which became the last when the flight attendants requested that those behind us move to different seats further up. The rationale given for emptying the final row was to help prevent the congregation of people near the lavatory and this rule was strictly enforced. We were also told that we would be required to put away all electronic devices and remain buckled in and seated for the final hour of our flight into Chicago. Anything that could obstruct the lap (such as a coat, blanket, or pillow) had to be stowed overhead or underneath the seat.
Our flight completed without incident, but these new restrictions aren’t making me feel safer — they’re becoming real obstacles to using air travel.