Library Reference
Introduction
Several libraries are needed to build / run Wireshark. Most of the
libraries are split into three packages:
Runtime package: binaries (e.g. win32 DLL's) and alike
Developer package: documentation, header files and alike
Source package: library sources, usually not required to
build Wireshark
Tip!
Win32: All libraries for the VS9 generation are available at:
,
but see for an easier way to install the
libraries.
Tip!
Win64: All required libraries for the VS9 generation are available at:
,
but see for an easier way to install the
libraries. Not all libraries are available, yet.
Win32: Automated library download
Initial download
You can download/install all required libraries by using the setup target
of the Makefile.nmake from the source package.
Tip!
It's a really good idea to use the Win32 automated library download to
install the required libraries as it makes this download very easy.
Note!
Before you start the download, you must have installed both
the required tools (see ) and also the
Wireshark sources (see ).
By default the libraries will be downloaded and installed into
C:\wireshark-win32-libs.
You can change this to any other location by editing the file
config.nmake and changing the line containing
the WIRESHARK_LIB_DIR setting to your favourite place (use an absolute path
here).
Then enter at the command line:
> nmake -f Makefile.nmake setup
This will first check for all the various tools needed to build Wireshark,
as described already in .
Then it will download the zipped libraries (together around 30MB!) from
the server location at:
into the directory specified by WIRESHARK_LIB_DIR and install (unzip) all
required library files there.
If you have problems downloading the library files, you might be connected
to the internet through a proxy/firewall.
In this case see the wget proxy comment in .
Update of a previous download
As new versions of the libraries become available, maybe with bugfixes or
some new functionality, your libraries get outdated.
You could simply remove everything in the WIRESHARK_LIB_DIR dir and call the
setup target again, but that would require a download of every file again,
which isn't necessary.
The following will bring your libraries up to date:
Update your Wireshark sources to the latest SVN files (see ), so the zip filenames in the setup target
of Makefile.nmake are in sync with the library zip files on the server.
Execute the library setup command as described above.
> nmake -f Makefile.nmake setup
Note that this command will automatically do a clean-setup which will
remove all files previously unzipped from the downloaded files in your
WIRESHARK_LIB_DIR library path (all the subdirs, e.g.
c:\wireshark-win32-libs\gtk+),
except for the zip files located at the toplevel, which are the files
downloaded the last time(s).
Also note that as wget will download only the
missing (updated) files, existing zip files in the WIRESHARK_LIB_DIR dir won't be
downloaded again. Remaining (outdated) zip files shouldn't do any harm.
GTK+ / GLib / GDK / Pango / ATK / GNU gettext / GNU libiconv
The Glib library is used as a basic platform abstraction library, it's
not related to graphical user interface (GUI) things. For a detailed
description about GLib, see .
The GTK and its dependent libraries are used to build Wireshark's GUI.
For a detailed description of the GTK libraries, see .
All other libraries are dependent on the two libraries mentioned above,
you will typically not come in touch with these while doing Wireshark
development.
As the requirements for the GLib/GTK libraries have increased in the past,
the required additional libraries depend on the GLib/GTK versions you have.
The 2.x versions require all mentioned libs.
Unix
The GLib/GTK+ libraries are available for many unix-like platforms and
cygwin.
If these libraries aren't already installed and also aren't available as a
package for your platform, you can get them at:
.
Win32 MSVC
You can get the latest version at:
.
SMI (optional)
"Various tools relating to the SMI MIB Information"
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
Wireshark uses the source libSMI distribution at
.
libSMI is compiled using MSVC++ 6.0. It's stored in the libsmi zip archive at
c-ares (optional)
"Library for asynchronous name resolves."
This is the primary name resolving library for Wireshark. It replaces ADNS.
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
You can get the latest version at:
.
GNU adns (optional)
"Advanced, easy to use, asynchronous-capable DNS client library and
utilities."
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
You can get the latest version at:
zlib (optional)
"zlib is designed to be a
free,
general-purpose, legally unencumbered -- that is, not covered by any
patents -- lossless data-compression library for use on virtually any computer
hardware and operating system."
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
You can get the latest version at:
(A version for the MSVC2003 compiler can be found at:
)
libpcap/WinPcap (optional)
"packet capture library"
Unix: libpcap
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC: WinPcap
You can get the "Windows packet capture library" at:
GnuTLS (optional)
The "GNU Transport Layer Security Library" is used to dissect SSL and TLS
protocols (aka: HTTPS).
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
We roll our own version using:
Gcrypt (optional)
The "Gcrypt Library" is Low-level encryption library and provides
support for many ciphers, such as DES, 3DES, AES, Blowfish, and others..
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
Part of our homemade GnuTLS package.
Kerberos (optional)
The Kerberos library is used to dissect Kerberos, sealed DCERPC and
secureLDAP protocols.
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
XXX - Is it supported on *NIX at all?
Win32 MSVC
You can get the latest version of KfW "Kerberos for Windows" at:
LUA (optional)
The LUA library is used to add scripting support to Wireshark.
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
You can get the latest version at:
PortAudio (optional)
The PortAudio library enables audio output for RTP streams.
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
You can get the latest version at:
GeoIP (optional)
MaxMind Inc. publishes a GeoIP database for use in open source software.
It can be used to map IP addresses to geographical locations.
Unix
If this library isn't already installed or available as a
package for your platform, you can get it at:
.
Win32 MSVC
You can get the latest version at: