![\"\"](\"https:\/\/www.wsisp.com\/helps\/wp-content\/uploads\/2025\/05\/20250530220232-683a2af8e0688.png\")
<\/p>\nWireshark \u662f\u88ab\u5e7f\u6cdb\u4f7f\u7528\u7684\u514d\u8d39\u5f00\u6e90\u7f51\u7edc\u534f\u8bae\u5206\u6790\u8f6f\u4ef6(network protocol analyzer)\u6216\u7f51\u7edc\u6570\u636e\u5305\u5206\u6790\u5de5\u5177,\u5b83\u53ef\u4ee5\u8ba9\u4f60\u5728\u5fae\u89c2\u5c42\u9762\u4e0a\u67e5\u770b\u7f51\u7edc\u4e0a\u53d1\u751f\u7684\u4e8b\u60c5\u3002\u5b83\u7684\u4e3b\u8981\u529f\u80fd\u662f\u622a\u53d6\u7f51\u7edc\u6570\u636e\u5305,\u5e76\u5c3d\u53ef\u80fd\u8be6\u7ec6\u5730\u5c55\u793a\u7f51\u7edc\u6570\u636e\u5305\u4fe1\u606f\u5185\u5bb9\u3002<\/p>\n
\u9879\u76ee\u5730\u5740:https:\/\/github.com\/wireshark\/wireshark<\/p>\n
\u672c\u7bc7\u6587\u7ae0\u4e3b\u8981\u8bb2\u8ff0\u5728 Mac \u4f7f\u7528 Wireshark \u65f6\u53ef\u80fd\u9047\u5230\u7684\u4e00\u4e9b\u95ee\u9898,\u5e76\u901a\u8fc7\u4e00\u4e2a\u5b9e\u4f8b\u4ecb\u7ecd\u8be6\u7ec6\u7684\u6293\u5305\u624b\u6cd5\u3002<\/p>\n
You do not have permission to capture on device "bridge100". ((cannot open BPF device) \/dev\/bpf0: Permission denied)<\/p>\n
<\/p>\n
\u67e5\u770b \/dev\/bpf* \u6587\u4ef6\u7684\u6743\u9650<\/p>\n
ls<\/span> -l<\/span> \/dev\/bpf*<\/p>\n \u66f4\u65b0 \/dev\/bpf* \u6587\u4ef6\u6743\u9650\u548c\u7ec4\u6743\u9650<\/p>\n sudo<\/span> chmod<\/span> g+r \/dev\/bpf* &&<\/span> sudo<\/span> chgrp<\/span> admin \/dev\/bpf*<\/p>\n \u4f7f\u7528 ifconfig \u547d\u4ee4\u53ef\u4ee5\u67e5\u770b\u5230 Mac \u4e2d\u7684\u6240\u6709\u7f51\u7edc\u63a5\u53e3,\u53ef\u80fd\u4f1a\u51fa\u73b0\u6570\u91cf\u7e41\u591a,\u4e0d\u6e05\u695a\u9009\u54ea\u4e2a\u7684\u95ee\u9898\u3002<\/p>\n \u5148\u6765\u770b\u770b\u6211\u7684\u7f51\u5361\u4fe1\u606f\u3002<\/p>\n $ ifconfig \u5728\u4f17\u591a\u7f51\u5361\u4e2d,\u91cd\u70b9\u5173\u6ce8 en0 \u548c bridge100 \u8fd9\u4e24\u4e2a\u63a5\u53e3,\u5176\u4ed6\u591a\u6570\u53ef\u4ee5\u5ffd\u7565\u3002<\/p>\n \u672c\u4f8b\u7528\u4e8e\u5206\u6790\u5728\u6f0f\u6d1e\u590d\u73b0\u6216\u653b\u51fb\u68c0\u6d4b\u4e2d\u6355\u83b7\u7684\u6570\u636e\u6d41\u91cf,\u6b65\u9aa4\u5982\u4e0b:<\/p>\n \u53ef\u4ee5\u901a\u8fc7\u67e5\u770b\u9776\u673a(\u5982\u865a\u62df\u673a)\u4e2d\u7684 IP \u5730\u5740\u83b7\u53d6\u3002<\/p>\n \u5728\u672c\u673a ifconfig \u4e2d\u627e\u5230\u80fd\u8bbf\u95ee\u9776\u673a IP \u7684\u7f51\u5361,\u4e00\u822c\u4e3a bridge100\u3002<\/p>\n \u542f\u52a8 Wireshark,\u9009\u62e9\u5bf9\u5e94\u7684 bridge100 \u7f51\u5361,\u70b9\u51fb\u5f00\u59cb\u6293\u5305\u5373\u53ef\u3002<\/p>\n \u5982\u56fe\u8fd9\u662f\u6211\u6293\u7684\u5de5\u5177\u653b\u51fb\u7684\u6d41\u91cf\u6570\u636e,\u8fd9\u6837\u5c31\u53ef\u4ee5\u5355\u72ec\u62ff\u51fa\u6765\u5206\u6790\u4e86\u3002 \u4f8b\u5b50:<\/p>\n \u6587\u7ae0\u6d4f\u89c8\u9605\u8bfb826\u6b21\uff0c\u70b9\u8d5e27\u6b21\uff0c\u6536\u85cf15\u6b21\u3002\u672c\u6587\u4ecb\u7ecd\u4e86\u5728 macOS \u4e0a\u4f7f\u7528 Wireshark \u8fdb\u884c\u7f51\u7edc\u6293\u5305\u7684\u5b8c\u6574\u6d41\u7a0b\uff0c\u5305\u62ec\u5b89\u88c5\u65b9\u6cd5\u3001\u6743\u9650\u914d\u7f6e\u3001\u6293\u5305\u63a5\u53e3\u9009\u62e9\u3001\u8fc7\u6ee4\u89c4\u5219\u8bbe\u7f6e\u53ca\u5e38\u89c1\u534f\u8bae\u5206\u6790\uff0c\u9002\u5408\u521d\u5b66\u8005\u5feb\u901f\u4e0a\u624b\u7f51\u7edc\u6570\u636e\u5206\u6790\u3002<\/p>\n","protected":false},"author":2,"featured_media":41098,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[330,2570,137],"topic":[],"class_list":["post-41103","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-server","tag-macos","tag-wireshark","tag-137"],"yoast_head":"\n\u7f51\u5361\u592a\u591a<\/h5>\n
\nlo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
\n options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
\n inet 127.0.0.1 netmask 0xff000000
\n inet6 ::1 prefixlen 128
\n inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
\n nd6 options=201<PERFORMNUD,DAD>
\ngif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
\nstf0: flags=0<> mtu 1280
\nanpi1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=400<CHANNEL_IO>
\n ether e2:5d:00:2d:ee:ec
\n media: none
\n status: inactive
\nanpi0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=400<CHANNEL_IO>
\n ether e2:5d:00:2d:ee:eb
\n media: none
\n status: inactive
\nen3: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=400<CHANNEL_IO>
\n ether e2:5d:00:2d:ee:cb
\n nd6 options=201<PERFORMNUD,DAD>
\n media: none
\n status: inactive
\nen4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=400<CHANNEL_IO>
\n ether e2:5d:00:2d:ee:cc
\n nd6 options=201<PERFORMNUD,DAD>
\n media: none
\n status: inactive
\nen1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
\n options=460<TSO4,TSO6,CHANNEL_IO>
\n ether 36:b2:2d:e4:95:80
\n media: autoselect <full-duplex>
\n status: inactive
\nen2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
\n options=460<TSO4,TSO6,CHANNEL_IO>
\n ether 36:b2:2d:e4:95:84
\n media: autoselect <full-duplex>
\n status: inactive
\nbridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=63<RXCSUM,TXCSUM,TSO4,TSO6>
\n ether 36:b2:2d:e4:95:80
\n Configuration:
\n id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
\n maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
\n root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
\n ipfilter disabled flags 0x0
\n member: en1 flags=3<LEARNING,DISCOVER>
\n ifmaxaddr 0 port 8 priority 0 path cost 0
\n member: en2 flags=3<LEARNING,DISCOVER>
\n ifmaxaddr 0 port 9 priority 0 path cost 0
\n nd6 options=201<PERFORMNUD,DAD>
\n media: <unknown type>
\n status: inactive
\nap1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
\n options=400<CHANNEL_IO>
\n ether 3e:57:dc:50:21:95
\n media: autoselect
\nen0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
\n ether 1c:57:dc:50:21:95
\n inet6 fe80::493:9294:92cb:962d%en0 prefixlen 64 secured scopeid 0xc
\n inet 10.201.102.126 netmask 0xffffe000 broadcast 10.201.127.255
\n nd6 options=201<PERFORMNUD,DAD>
\n media: autoselect
\n status: active
\nawdl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
\n ether ce:41:0d:0a:06:8b
\n inet6 fe80::cc41:dff:fe0a:68b%awdl0 prefixlen 64 scopeid 0xd
\n nd6 options=201<PERFORMNUD,DAD>
\n media: autoselect
\n status: active
\nllw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\n options=400<CHANNEL_IO>
\n ether ce:41:0d:0a:06:8b
\n inet6 fe80::cc41:dff:fe0a:68b%llw0 prefixlen 64 scopeid 0xe
\n nd6 options=201<PERFORMNUD,DAD>
\n media: autoselect
\n status: inactive
\nutun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
\n inet6 fe80::bbb3:6daa:deb9:6132%utun0 prefixlen 64 scopeid 0xf
\n nd6 options=201<PERFORMNUD,DAD>
\nutun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
\n inet6 fe80::a590:7109:be1b:f900%utun1 prefixlen 64 scopeid 0x10
\n nd6 options=201<PERFORMNUD,DAD>
\nutun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000
\n inet6 fe80::ce81:b1c:bd2c:69e%utun2 prefixlen 64 scopeid 0x11
\n nd6 options=201<PERFORMNUD,DAD>
\nutun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
\n inet6 fe80::4562:973c:823c:162d%utun3 prefixlen 64 scopeid 0x12
\n nd6 options=201<PERFORMNUD,DAD>
\nutun4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 9000
\n inet 198.18.0.1 –> 198.18.0.1 netmask 0xfffe0000
\nvmenet0: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
\n ether 3e:64:95:b7:62:33
\n media: autoselect
\n status: active
\nbridge100: flags=8a63<UP,BROADCAST,SMART,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
\n options=3<RXCSUM,TXCSUM>
\n ether 1e:57:dc:05:87:64
\n inet 192.168.64.1 netmask 0xffffff00 broadcast 192.168.64.255
\n inet6 fe80::1c57:dcff:fe05:8764%bridge100 prefixlen 64 scopeid 0x15
\n inet6 fd93:45e9:560c:404:1020:f068:469e:d583 prefixlen 64 autoconf secured
\n Configuration:
\n id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
\n maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
\n root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
\n ipfilter disabled flags 0x0
\n member: vmenet0 flags=3<LEARNING,DISCOVER>
\n ifmaxaddr 0 port 20 priority 0 path cost 0
\n nd6 options=201<PERFORMNUD,DAD>
\n media: autoselect
\n status: active
\n(base) <\/p>\n\u5982\u4f55\u9009\u7f51\u5361<\/h6>\n
\n
\u63a5\u53e3\u540d\u542b\u4e49 \/ \u4f5c\u7528IP \u5730\u5740\u72b6\u6001<\/tr>\n \n\n lo0<\/td>\n \u672c\u5730\u56de\u73af\u63a5\u53e3(localhost)<\/td>\n 127.0.0.1<\/td>\n active<\/td>\n<\/tr>\n \n en0<\/td>\n \u65e0\u7ebf\u7f51\u5361\u6216\u4e3b\u8981\u7269\u7406\u7f51\u5361<\/td>\n 10.201.102.126<\/td>\n active<\/td>\n<\/tr>\n \n bridge100<\/td>\n Docker \u521b\u5efa\u7684\u865a\u62df\u6865\u63a5\u7f51\u5361<\/td>\n 192.168.64.1<\/td>\n active<\/td>\n<\/tr>\n \n awdl0<\/td>\n Apple Wireless Direct Link,\u9694\u7a7a\u6295\u9001\u7528<\/td>\n \u6709 IPv6<\/td>\n active<\/td>\n<\/tr>\n \n utun*<\/td>\n VPN \u96a7\u9053\u63a5\u53e3(\u4e00\u822c\u662f VPN \u8fde\u63a5\u521b\u5efa\u7684)<\/td>\n \u6709 IPv6<\/td>\n active<\/td>\n<\/tr>\n \n vmenet0<\/td>\n \u865a\u62df\u673a\u7f51\u7edc\u6865\u63a5\u63a5\u53e3(\u5982 VMware \u6216 UTM)<\/td>\n \u65e0 IPv4<\/td>\n active<\/td>\n<\/tr>\n \n en1\/en2\/en3…<\/td>\n \u5176\u4ed6\u7269\u7406\u6216\u865a\u62df\u7f51\u5361<\/td>\n \u65e0 IPv4<\/td>\n \u274c \u591a\u6570 inactive<\/td>\n<\/tr>\n \n anpi0\/anpi1<\/td>\n Apple Silicon \u7279\u6709\u63a5\u53e3<\/td>\n \u65e0 IP<\/td>\n \u274c inactive<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \u6293\u5305\u5b9e\u4f8b<\/h4>\n
\u786e\u5b9a\u9776\u673a IP<\/h6>\n
![\"\"](\"https:\/\/www.wsisp.com\/helps\/wp-content\/uploads\/2025\/05\/20250530220233-683a2af911ee3.png\")
<\/p>\n\u5224\u65ad\u54ea\u4e2a\u7f51\u5361\u53ef\u4ee5\u8bbf\u95ee\u9776\u673a<\/h6>\n
![\"\"](\"https:\/\/www.wsisp.com\/helps\/wp-content\/uploads\/2025\/05\/20250530220235-683a2afbf0237.png\")
<\/p>\n\u5728 Wireshark \u4e2d\u9009\u62e9\u8be5\u7f51\u5361\u8fdb\u884c\u6293\u5305<\/h6>\n
![\"\"](\"https:\/\/www.wsisp.com\/helps\/wp-content\/uploads\/2025\/05\/20250530220237-683a2afd96a52.png\")
<\/p>\n![\"\"](\"https:\/\/www.wsisp.com\/helps\/wp-content\/uploads\/2025\/05\/20250530220238-683a2afe2527f.png\")
<\/p>\nwireshrk\u547d\u4ee4\u901f\u67e5<\/h4>\n
IP \u5730\u5740\u8fc7\u6ee4<\/h6>\n
\n
\u7aef\u53e3\u8fc7\u6ee4<\/h6>\n
\n
\u534f\u8bae\u8fc7\u6ee4<\/h6>\n
\n
MAC \u5730\u5740\u8fc7\u6ee4<\/h6>\n
\n
\u5305\u957f\u5ea6\u8fc7\u6ee4<\/h6>\n
\n
HTTP \u8fc7\u6ee4<\/h6>\n
\u6309\u65b9\u6cd5<\/h6>\n
\n
\u6309\u5185\u5bb9<\/h6>\n
\n
TCP \u53c2\u6570\u8fc7\u6ee4<\/h6>\n
\n
\u6570\u636e\u5185\u5bb9\u8fc7\u6ee4(\u8fdb\u9636)<\/h6>\n
UDP:<\/h6>\n
\n
TCP:<\/h6>\n
\n
\u6b63\u5219\u5339\u914d\u8bed\u6cd5\u901f\u67e5<\/h6>\n
\n
\u8868\u8fbe\u5f0f\u8bf4\u660e<\/tr>\n \n\n \\\\d<\/td>\n \u6570\u5b57\u5b57\u7b26<\/td>\n<\/tr>\n \n \\\\D<\/td>\n \u975e\u6570\u5b57<\/td>\n<\/tr>\n \n \\\\w<\/td>\n \u5355\u8bcd\u5b57\u7b26 (\u5b57\u6bcd\u3001\u6570\u5b57\u3001\u4e0b\u5212\u7ebf)<\/td>\n<\/tr>\n \n \\\\s<\/td>\n \u7a7a\u767d\u5b57\u7b26<\/td>\n<\/tr>\n \n .<\/td>\n \u4efb\u610f\u5b57\u7b26<\/td>\n<\/tr>\n \n .*<\/td>\n \u4efb\u610f\u6570\u91cf\u4efb\u610f\u5b57\u7b26(\u9664\u6362\u884c)<\/td>\n<\/tr>\n \n ^<\/td>\n \u5b57\u7b26\u4e32\u5f00\u5934<\/td>\n<\/tr>\n \n $<\/td>\n \u5b57\u7b26\u4e32\u7ed3\u5c3e<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n