Library Reference
Introduction Several libraries are needed to build / run Wireshark. Most of the libraries are split into three packages: Runtime package: binaries (e.g. win32 DLL's) and alike Developer package: documentation, header files and alike Source package: library sources, usually not required to build Wireshark Tip! Win32: All libraries for the VS9 generation are available at: , but see for an easier way to install the libraries. Tip! Win64: All required libraries for the VS9 generation are available at: , but see for an easier way to install the libraries. Not all libraries are available, yet.
Binary library formats Binary libraries are available in different formats, depending on the C compiler used to build it and of course the platform they were built for.
Unix If you have installed unix binary libraries on your system, they will match the C compiler. If not already installed, the libraries should be available as a package from the platform installer, or you can download and compile the source and then install the binaries.
Win32: MSVC Most of the Win32 binary libraries you will find on the web are in this format. You will recognize MSVC libraries by the .lib/.dll file extension.
Win32: cygwin gcc Cygwin provides most of the required libraries (with file extension .a or .lib) for Wireshark suitable for cygwin's gcc compiler.
Win32: Automated library download
Initial download You can download/install all required libraries by using the setup target of the Makefile.nmake from the source package. Tip! It's a really good idea to use the Win32 automated library download to install the required libraries as it makes this download very easy. Note! Before you start the download, you must have installed both the required tools (see ) and also the Wireshark sources (see ). By default the libraries will be downloaded and installed into C:\wireshark-win32-libs. You can change this to any other location by editing the file config.nmake and changing the line containing the WIRESHARK_LIB_DIR setting to your favourite place (use an absolute path here). Then enter at the command line: > nmake -f Makefile.nmake setup This will first check for all the various tools needed to build Wireshark, as described already in . Then it will download the zipped libraries (together around 30MB!) from the server location at: into the directory specified by WIRESHARK_LIB_DIR and install (unzip) all required library files there. If you have problems downloading the library files, you might be connected to the internet through a proxy/firewall. In this case see the wget proxy comment in .
Update of a previous download As new versions of the libraries become available, maybe with bugfixes or some new functionality, your libraries get outdated. You could simply remove everything in the WIRESHARK_LIB_DIR dir and call the setup target again, but that would require a download of every file again, which isn't necessary. The following will bring your libraries up to date: Update your Wireshark sources to the latest SVN files (see ), so the zip filenames in the setup target of Makefile.nmake are in sync with the library zip files on the server. Execute the library setup command as described above. > nmake -f Makefile.nmake setup Note that this command will automatically do a clean-setup which will remove all files previously unzipped from the downloaded files in your WIRESHARK_LIB_DIR library path (all the subdirs, e.g. c:\wireshark-win32-libs\gtk+), except for the zip files located at the toplevel, which are the files downloaded the last time(s). Also note that as wget will download only the missing (updated) files, existing zip files in the WIRESHARK_LIB_DIR dir won't be downloaded again. Remaining (outdated) zip files shouldn't do any harm.
GTK+ / GLib / GDK / Pango / ATK / GNU gettext / GNU libiconv The Glib library is used as a basic platform abstraction library, it's not related to graphical user interface (GUI) things. For a detailed description about GLib, see . The GTK and its dependent libraries are used to build Wireshark's GUI. For a detailed description of the GTK libraries, see . All other libraries are dependent on the two libraries mentioned above, you will typically not come in touch with these while doing Wireshark development. As the requirements for the GLib/GTK libraries have increased in the past, the required additional libraries depend on the GLib/GTK versions you have. The 2.x versions require all mentioned libs.
Unix The GLib/GTK+ libraries are available for many unix-like platforms and cygwin. If these libraries aren't already installed and also aren't available as a package for your platform, you can get them at: .
Win32 MSVC You can get the latest version at: .
SMI (optional) "Various tools relating to the SMI MIB Information"
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC Wireshark uses the source libSMI distribution at . libSMI is compiled using MSVC++ 6.0. It's stored in the libsmi zip archive at
c-ares (optional) "Library for asynchronous name resolves." This is the primary name resolving library for Wireshark. It replaces ADNS.
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC You can get the latest version at: .
GNU adns (optional) "Advanced, easy to use, asynchronous-capable DNS client library and utilities."
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC You can get the latest version at:
zlib (optional) "zlib is designed to be a free, general-purpose, legally unencumbered -- that is, not covered by any patents -- lossless data-compression library for use on virtually any computer hardware and operating system."
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC You can get the latest version at: (A version for the MSVC2003 compiler can be found at: )
libpcap/WinPcap (optional) "packet capture library"
Unix: libpcap If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC: WinPcap You can get the "Windows packet capture library" at:
GnuTLS (optional) The "GNU Transport Layer Security Library" is used to dissect SSL and TLS protocols (aka: HTTPS).
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC We roll our own version using:
Gcrypt (optional) The "Gcrypt Library" is Low-level encryption library and provides support for many ciphers, such as DES, 3DES, AES, Blowfish, and others..
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC Part of our homemade GnuTLS package.
Kerberos (optional) The Kerberos library is used to dissect Kerberos, sealed DCERPC and secureLDAP protocols.
Unix If this library isn't already installed or available as a package for your platform, you can get it at: . XXX - Is it supported on *NIX at all?
Win32 MSVC You can get the latest version of KfW "Kerberos for Windows" at:
LUA (optional) The LUA library is used to add scripting support to Wireshark.
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC You can get the latest version at:
PortAudio (optional) The PortAudio library enables audio output for RTP streams.
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC You can get the latest version at:
GeoIP (optional) MaxMind Inc. publishes a GeoIP database for use in open source software. It can be used to map IP addresses to geographical locations.
Unix If this library isn't already installed or available as a package for your platform, you can get it at: .
Win32 MSVC You can get the latest version at: