$Id$
Installing Wireshark, TShark, and Editcap on Win32
-====================================================
+==================================================
These are the instructions for installing Wireshark
from the installation executable that is provided on
the Wireshark website at:
and any of its mirrors.
-The installation package allows you to install:
-
- o Wireshark - the GUI version
- o TShark - the console, line-mode version
- o Editcap - a console, line-mode utility to convert
- capture files from one format to another.
- (The same functions are available in Wireshark)
- o Text2Pcap - a console, line-mode utility to generate
- a capture file from an ASCII hexdump of packets
- o Mergecap - a console, line-mode utility to merge two
- capture files into one
-
-Additionally, the installation package contains a "plugins"
-option, which installs some additional dissector plugins
-for use with Wireshark and TShark.
-
-All binaries in Wireshark package are now built with debugging
-information embedded. If you are experiencing a crash when running
-Wireshark or other binaries, Dr. Watson or your debugger
-can use the information embedded in the binary to provide useful
-information to the Wireshark developers that will help them pinpoint
-the problem.
-
-In the past, two versions of Wireshark binaries were published -- a
-version that could capture packets and a version which could not.
-The latter is useful if you're only reading files produced by
-another product (e.g., a sniffer, firewall, or intrustion detection system)
-and did not wish to install WinPcap, the library Wireshark uses
-to capture packets on Win32 platforms.
-
-As of WinPcap 2.1, all the WinPcap libraries have been released as DLLs.
-This means that Wireshark can detect the presence of WinPcap at run time,
-which means that only one version of the Wireshark binaries needs to be
-shipped.
-
-If you don't want to capture packets, just install the Wireshark
-package. If you do want to capture packets, install Wireshark *and*
-install the latest non-beta version of WinPcap, available from:
-
- http://winpcap.polito.it/
+The installer will take care of most situations, so just keep the
+default settings and start Wireshark after the installation finished.
-and mirrored at
-
- http://winpcap.mirror.ethereal.com/
+For detailed descriptions how to install and use Wireshark and the
+related command line tools, see the Wireshark User's Guide at:
-and
+http://www.wireshark.org/docs/
- http://www.mirrors.wiretapped.net/security/packet-capture/winpcap/
-If you already have an earlier version of WinPcap installed, you need to
-un-install it and install the latest version. If the older version is
-WinPcap 2.0 or 2.02, and you have other applications that use the older
-version , you will have to decide which applications to keep, since
-WinPcap 2.0/2.02 and later versions cannot be installed on the same
-system at the same time.
+Troubleshooting
+===============
If Wireshark is not capturing packets and you have WinPcap installed, you
can test your WinPcap installation by installing WinDump (tcpdump for
http://analyzer.polito.it/
+
The rest of this documentation is only interesting if
you want to compile Wireshark yourself.
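Review bot: With the WinPcap paragraphs removed, the README no longer says that capturing needs WinPcap, where to get it, or that an older WinPcap must be uninstalled first, yet the retained Troubleshooting text opens with "If Wireshark is not capturing packets and you have WinPcap installed". Keep a one or two sentence note on the WinPcap requirement ahead of Troubleshooting, or state that the installer handles it if that is the case. Wording in the added lines: "after the installation finished" should read "after the installation has finished", and "detailed descriptions how to install" should read "detailed descriptions of how to install". The title still names Editcap although the list of installed tools is gone.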
Compiling the Wireshark distribution from source
-===============================================
+================================================
Developer's Guide
-----------------
Compilers
---------
MS Visual C++ Version 6
-This is the common compiler used for building Wireshark on win32.
+This is the recommended compiler used for building Wireshark on win32.
If you've downloaded an Wireshark source tarball and unpacked it, then,
before you do any build, you must do
Subversion tree, as long as you haven't done a UN*X build in the same
directory.
-MS Visual C++ Version 7 / VC.NET
+MS Visual C++ Version 7 / VC.NET / 2003 / 2005
Currently unsupported for two reasons:
--the licence agreement does NOT allow you to compile GPL code.
-there are serious problems in using DLL's compiled with MS VC6.
See section "Problems with MS Visual C++ Version 7 / VC.NET" below.
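Review bot: The list under the renamed heading still begins "Currently unsupported for two reasons:", but removing the licence item leaves a single reason. Change the lead-in to match, for example "Currently unsupported because of serious problems in using DLL's compiled with MS VC6." The heading now covers 2003 and 2005 while the cross-reference still points to "Problems with MS Visual C++ Version 7 / VC.NET"; either rename that section as well or say here that it applies to the newer versions too.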
Cygwin GCC
-Wireshark can entirely be built with cygwin GCC. However the built binaries will
-only run in a cygwin environment, so they are not standalone Win32 applications.
+Wireshark can entirely be built with cygwin GCC. But please remember that MSVC6
+is the recommended way - using GCC might be quite difficult and the built
+binaries will only run in a cygwin environment using an X server, so they are
+not standalone Win32 applications.
It is however not excluded that native Win32 code can be compiled on cygwin GCC
but you then have to use -mms-bitfields as a strict minimum and probably
-mno-cygwin or a similar compiler flag too.
-See section below for instructions.
+See the "Instructions for Cygwin" section below for detailed instructions.
Automated library download
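Review bot: "using GCC might be quite difficult" in the added Cygwin text gives the reader nothing to act on; name the difficulty or drop the clause and keep the concrete statement that the binaries need a cygwin environment with an X server. The new cross-reference quotes a section title, "Instructions for Cygwin", whose heading is not among the visible lines, so check that it matches the heading exactly.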
Required libraries
------------------
If the automated library download finished sucessfully, you should have all
-libraries on your machine at the right places. So you don't have to read this,
-unless you are interested which libraries are used.
+libraries on your machine at the right places. So you don't have to read this
+section, unless you are interested which libraries are used.
You'll need the development packages for GLIB, GTK+, iconv, gettext,
WinPcap, Net-SNMP, and optionally ADNS, PCRE and zlib. The development
Compiling the Wireshark distribution using GTK+2
------------------------------------------------
+------------------------------------------------
The more recent version 2 of the GTK+ can be used to compile
Wireshark with, but is still considered beta.
Problems with MS Visual C++ Version 7 / VC.NET
----------------------------------------------
-Beside licensing problems with these compilers, there are known problems
-with DLL's. If Wireshark is compiled with MSVC Version 7, there are
+There are known problems with DLL's.
+If Wireshark is compiled with MSVC Version 7, there are
conflicts in the MSVCRT DLL's, The MSVCRT.DLL includes the standard
ANSI-C functions like fopen, malloc, etc.. MSVCRT.DLL is shipped with
the MSVC 6 compiler versions, and dynamically linked to prebuild DLL's
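Review bot: The rewritten opening still limits the MSVCRT conflict to "If Wireshark is compiled with MSVC Version 7", while the Compilers entry in this same patch now lists 2003 and 2005 as unsupported too. Say whether the conflict applies to those versions and update the section title accordingly. "There are known problems with DLL's." now stands alone without saying which DLLs are meant; folding it into the following sentence would read better.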