path: root/INSTALL
blob: 3283df5c5ccce059f59eb4164c51acacc77f3bd8 (plain)
NOTE: this document applies to the Wireshark source releases.  It also
applies to buildbot source tarballs, but it does not apply to source
code checked out directly from Subversion, as files such as the
configuration script are not checked into Subversion, but need to be
generated from the autoconf and automake files.

Installation
============

These are installation instructions for Unix and Unix-like systems
that can run the "configure" script in this same directory. These
are not the installation instructions for Windows systems; see
README.win32 for those instructions.

0. This is beta software.  Beware.

1. If you wish to build Wireshark, make sure you have GTK+ and GLib
   installed. Try running 'pkg-config glib-2.0 --modversion' to see if
   you have GLib 2.x installed and, if that fails, try running
   'glib-config --version' to see if you have GLib 1.2[.x] installed. 
   Then try running 'pkg-config gtk+-2.0 --modversion' to see if you
   have GTK+ 2.x installed and, if that fails, try running
   'gtk-config --version' to see if you have GTK+ 1.2[.x] installed.
   Wireshark needs versions 1.2.0 or above of both these packages.
   If you need to install or re-install GTK+ or GLIB, you can find
   the packages at:

        http://www.gtk.org

   If you installed GTK+ from a binary package, you may have to
   install a "development" package; there may be separate "user's"
   and "developer's" packages, with the former not including
   header files and the like.  For example, Red Hat users will
   need to install a "gtk-devel" .rpm.

   Note also that Wireshark configuration defaults to using GTK+ and
   GLib 2.x; you need to configure with --disable-gtk2 to use GTK+
   1.2[.x].

2. If you wish to build TShark, the line-mode version of Wireshark,
   make sure you have GLIB installed.  See note #1 above for instructions
   on checking if you have GLIB installed. You can download GLIB from
   the same site as GTK.

3. If you want to capture packets, make sure you have libpcap
   installed.  The latest "official" version can be found at

        http://www.tcpdump.org .

   If you've downloaded the 0.5.2 version, make sure you install
   the headers ('make install-incl') when you install the library.
   The CVS snapshots will install the headers if you do 'make
   install', and have no 'install-incl' target.

   If you installed libpcap from a binary package, you may have to
   install a "development" package; for example, there's
   apparently a "libpcap0" Debian package, but it just includes a
   shared library, a copyright notice, changelog files, and a
   README file - you also need to install a "libpcap-dev" package
   to get header files, a non-shared library, and the man page.
   Similarly, Red Hat 5.x users will need to install a "libpcap-devel"
   .rpm to go along with the "libpcap" .rpm.

4. Run './configure' in the Wireshark distribution directory.
   Running './configure --help' displays a list of options.
   The file 'INSTALL.configure' contains general instructions for
   using 'configure' and 'make'. Wireshark has some non-generic configure 
   options:

    --sysconfdir=DIR
        Wireshark installs a support file (manuf) in ${PREFIX}/etc by
        default, where ${PREFIX} comes from --prefix=DIR. If you do not
        specify any --prefix option, ${PREFIX} is "/usr/local".
        You can change the location of the manuf file with the --sysconfdir
        option.

    --disable-usr-local
        By default 'configure' will look in /usr/local/{include,lib} for
        additional header files and libraries. Using this switch keeps
        'configure' from looking there.

    --disable-wireshark
        By default, if 'configure' finds the GTK+ libraries, the Makefile
        builds Wireshark, the GUI packet analyzer. You can disable the
        build of the GUI version of Wireshark with this switch.

    --disable-gtk2
        Build Glib/Gtk+ 1.2[.x]-based wireshark.

    --disable-tshark
        By default the line-mode packet analyzer, TShark, is built.
        Use this switch to avoid building it.

    --disable-editcap
        By default the capture-file editing program is built.
        Use this switch to avoid building it.

    --disable-mergecap
        By default the capture-file merging program is built.
        Use this switch to avoid building it.

    --disable-text2pcap
        By default the hex-dump-to-capture file conversion program
        is built. Use this switch to avoid building it.

    --disable-idl2wrs
        By default the IDL-to-wireshark-dissector-source-code converter
        is built. Use this switch to avoid building it.

    --enable-dftest
        By default the display-filter-compiler test program is not built.
        Use this switch to build it.

    --enable-randpkt
        By default the program which creates random packet-capture files
        is not built. Use this switch to build it.

    --without-pcap
        If you choose to build a packet analyzer that can analyze
        capture files but cannot capture packets on its own, but you
        *do* have libpcap installed, or if you are trying to build
        Wireshark on a system that doesn't have libpcap installed (in
        which case you have no choice but to build a version that can
        analyze capture files but cannot capture packets on its own),
        use --without-pcap to avoid using libpcap.

    --with-pcap=DIR
        Use this to tell Wireshark where you have libpcap installed, if
        it is installed in a non-standard location.

    --without-zlib
        By default, if 'configure' finds zlib (a.k.a. libz), the
        wiretap library will be built so that it can read compressed
        capture files. If you have zlib but do not wish to build
        it into the wiretap library, used by Wireshark, TShark, and
        the capture-file utilities that come in this package, use
        this switch.

    --with-zlib=DIR
        Use this to tell Wireshark where you have zlib installed, if it
        is installed in a non-standard location.

    --disable-ipv6
        If 'configure' finds support for IPv6 name resolution on
        your system, the packet analyzers will make use of it.
        To avoid using IPv6 name resolution if you have the support for it,
        use this switch.

    --enable-setuid-install
        Use this switch to install the packet analyzers as setuid.
        Installing Wireshark and TShark as setuid 'root' is
        dangerous. Repeat: IT'S DANGEROUS. Don't do it.

    --with-ssl=DIR
        If your SNMP library needs the SSL library, and your
        SSL library is installed in a non-standard location,
        you can specify where your SSL library is with this switch.

    --without-net-snmp
        If 'configure' finds a supported version of the NET SNMP library
        on your system, the SNMP dissector will be enhanced to use
        routines from that SNMP library. Use this switch to avoid
        using the NET SNMP library even if you have it installed.

    --with-net-snmp=PATH
        Tell the 'configure' script where your net-snmp-config shell script 
        that comes with the net-snmp package is located, if not in a standard 
        location.

    --without-ucd-snmp
        If 'configure' finds a supported version of the UCD SNMP library
        on your system, the SNMP dissector will be enhanced to use
        routines from that SNMP library. Use this switch to avoid
        using the UCD SNMP library even if you have it installed.

    --with-ucd-snmp=DIR
        Tell the 'configure' script where your UCD SNMP library
        is located, if not in a standard location.

    --without-plugins
        By default, if your system can support run-time loadable modules,
        the packet analyzers are built with support for plugins.
        Use this switch to build packet analyzers without plugin support.

    --with-plugins=DIR
        By default, plugins are installed in
        ${LIBDIR}/wireshark/plugins/${VERSION}

        ${LIBDIR} can be set with --libdir, or defaults to ${EPREFIX}/lib
        ${EPREFIX} can be set with --exec-prefix, or defaults to ${PREFIX}
        ${VERSION} is the Wireshark version.

        Use this switch to change the location where plugins
        are installed.

5. After running './configure', you will see a summary of some
   of the options you chose. Ensure that the summary reflects
   what you want. If it doesn't, re-run './configure' with new options.

6. Run 'make'.  Hopefully, you won't run into any problems.

7. Run './wireshark' or './tshark', and make sure things are working.
   You must have root privileges in order to capture live data.

8. Run 'make install'.  If you wish to install the man page, run
   'make install-man'.  If you're running a system that supports
   the Apt, RPM, or System V Release 4 packaging systems, you can
   run one of

        make debian-package	# Builds a binary package using dpkg
        make rpm-package	# Builds a binary package using rpm
        make srpm-package	# Builds a source package using rpm
        make svr4-package	# Builds a source package using pkgmk
        make solaris-package	# Same as "make svr4-package"

   to make an installable package for your system.

If you have trouble with the build or installation process, you can
find assistance on the wireshark-users and wireshark-dev mailing lists.
See http://www.wireshark.org/lists/ for details.
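
As an added example (not part of the Wireshark distribution), the shell
functions below check after 'make install' whether the packet analyzers
ended up setuid or setgid, which is the state --enable-setuid-install
produces. The directory /usr/local/bin is an assumption derived from the
default ${PREFIX} described in step 4; the function names and BINDIR
variable are hypothetical.

```shell
#!/bin/sh
# Added example: audit installed packet analyzers for setuid/setgid bits.
# Assumption: binaries live in ${PREFIX}/bin with PREFIX=/usr/local
# (the default when no --prefix is given); override with BINDIR=...

# is_setid FILE
# Succeeds if FILE is a regular file with the setuid or setgid bit set.
is_setid() {
    [ -f "$1" ] && { [ -u "$1" ] || [ -g "$1" ]; }
}

# audit_setid DIR NAME...
# Prints one status line per binary. The exit status is the number of
# binaries found with setuid/setgid set (0 means none were flagged).
audit_setid() {
    dir=$1
    shift
    flagged=0
    for name in "$@"; do
        path="$dir/$name"
        if [ ! -e "$path" ]; then
            echo "absent  $path"
        elif is_setid "$path"; then
            # Numeric owner/group shows whether the privileged id is 0 (root).
            echo "SETID   $(ls -ln "$path")"
            flagged=$((flagged + 1))
        else
            echo "ok      $path"
        fi
    done
    return "$flagged"
}

# Check the two analyzers the setuid install option applies to.
audit_setid "${BINDIR:-/usr/local/bin}" wireshark tshark ||
    echo "review: packet analyzer installed setuid/setgid" >&2
```

A binary reported as SETID can be returned to normal permissions with
'chmod u-s,g-s' on that path.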