++++++++++++++++++++++++++++++++++++++
<!-- WSUG Chapter BuildInstall -->
++++++++++++++++++++++++++++++++++++++

[[ChapterBuildInstall]]

== Building and Installing Wireshark

[[ChBuildInstallIntro]]

As with all things there must be a beginning and so it is with Wireshark. To
use Wireshark you must first install it. If you are running Windows or OS X
you can download an official release at {wireshark-download-url}, install it,
and skip the rest of this chapter.

If you are running another operating system such as Linux or FreeBSD you might
want to install from source. Several Linux distributions offer Wireshark
packages but they commonly ship out-of-date versions. No other versions of UNIX
ship Wireshark so far. For that reason, you will need to know where to get the
latest version of Wireshark and how to install it.

This chapter shows you how to obtain source and binary packages and how to
build Wireshark from source should you choose to do so.

The following are the general steps you would use:

. Download the relevant package for your needs, e.g. source or binary

. Compile the source into a binary if needed.
  This may involve building and/or installing other necessary packages.

. Install the binaries into their final destinations.

[[ChBuildInstallDistro]]
=== Obtaining the source and binary distributions

You can obtain both source and binary distributions from the Wireshark
web site: {wireshark-download-url}. Select the download link and then
select the desired binary or source package.

.Download all required files
In general, unless you have already downloaded Wireshark before, you will most
likely need to download several source packages if you are building Wireshark
from source. This is covered in more detail below.

Once you have downloaded the relevant files, you can go on to the next step.

[[ChBuildInstallWinInstall]]
=== Installing Wireshark under Windows

Windows installer names contain the platform and version. For example,
Wireshark-win64-{wireshark-version}.exe installs Wireshark {wireshark-version}
for 64-bit Windows. The Wireshark installer includes WinPcap which is required

Simply download the Wireshark installer from {wireshark-download-url}
and execute it. Official packages are signed by the *Wireshark
Foundation*. You can choose to install several optional components and
select the location of the installed package. The default settings are
recommended for most users.

[[ChBuildInstallWinComponents]]
==== Installation Components

On the _Choose Components_ page of the installer you can select from the following:

* *Wireshark* - The network protocol analyzer that we all know and mostly love.

* *TShark* - A command-line network protocol analyzer. If you haven't tried it

* *Wireshark 1 Legacy* - The old (GTK+) user interface in case you need it.

* *Plugins & Extensions* - Extras for the Wireshark and TShark dissection engines

  - *Dissector Plugins* - Plugins with some extended dissections.

  - *Tree Statistics Plugins* - Extended statistics.

  - *Mate - Meta Analysis and Tracing Engine* - User configurable extension(s) of the display filter engine, see {wireshark-wiki-url}Mate for details.

  - *SNMP MIBs* - SNMP MIBs for a more detailed SNMP dissection.

* *Tools* - Additional command line tools to work with capture files

  - *Editcap* - Reads a capture file and writes some or all of the packets into
    another capture file.

  - *Text2Pcap* - Reads in an ASCII hex dump and writes the data into a

  - *Reordercap* - Reorders a capture file by timestamp.

  - *Mergecap* - Combines multiple saved capture files into a single output file.

  - *Capinfos* - Provides information on capture files.

  - *Rawshark* - Raw packet filter.

* *User's Guide* - Local installation of the User's Guide. The Help buttons on
  most dialogs will require an internet connection to show help pages if the
  User's Guide is not installed locally.

[[ChBuildInstallWinAdditionalTasks]]
==== Additional Tasks

* *Start Menu Shortcuts* - Add some start menu shortcuts.

* *Desktop Icon* - Add a Wireshark icon to the desktop.

* *Quick Launch Icon* - Add a Wireshark icon to the Explorer quick launch toolbar.

* *Associate file extensions to Wireshark* - Associate standard network trace files to Wireshark.

[[ChBuildInstallWinLocation]]
==== Install Location

By default Wireshark installs into `%ProgramFiles%\Wireshark` on 32-bit Windows
and `%ProgramFiles64%\Wireshark` on 64-bit Windows. This expands to
`C:\Program Files\Wireshark` on most systems.

[[ChBuildInstallWinPcap]]
==== Installing WinPcap

The Wireshark installer contains the latest WinPcap installer.

If you don't have WinPcap installed you won't be able to capture live network
traffic but you will still be able to open saved capture files. By default the
latest version of WinPcap will be installed. If you don't wish to do this or if
you wish to reinstall WinPcap you can check the _Install WinPcap_ box as needed.

For more information about WinPcap see {winpcap-main-url} and
{wireshark-wiki-url}WinPcap.

[[ChBuildInstallWinWiresharkCommandLine]]
==== Windows installer command line options

For special cases, there are some command line parameters available:

* `/S` runs the installer or uninstaller silently with default values. The
  silent installer *will not* install WinPcap.

* `/desktopicon` installation of the desktop icon, `=yes` - force installation,
  `=no` - don't install, otherwise use default settings. This option can be
  useful for a silent installer.

* `/quicklaunchicon` installation of the quick launch icon, `=yes` - force
  installation, `=no` - don't install, otherwise use default settings.

* `/D` sets the default installation directory ($INSTDIR), overriding InstallDir
  and InstallDirRegKey. It must be the last parameter used in the command line
  and must not contain any quotes even if the path contains spaces.

* `/NCRC` disables the CRC check. We recommend against using this flag.

----
> Wireshark-win64-wireshark-2.0.5.exe /NCRC /S /desktopicon=yes /quicklaunchicon=no /D=C:\Program Files\Foo
----

Running the installer without any parameters shows the normal interactive installer.
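
For an unattended deployment, the options above can be combined with a signature check before the installer is run. This PowerShell example is added here and is not from the Wireshark project. It assumes an elevated session, that the signer certificate's subject contains `Wireshark Foundation`, and that the installer sits in the current directory under the file name used in the example above.

```powershell
# Added example: verify the Authenticode signature, then install silently.
# The parameter defaults are placeholders for illustration.
param(
    # File name taken from the example command line above (assumed local path).
    [string]$Installer      = '.\Wireshark-win64-wireshark-2.0.5.exe',
    [string]$InstallDir     = 'C:\Program Files\Wireshark',
    # Assumption: this string appears in the signer certificate's subject.
    [string]$ExpectedSigner = 'Wireshark Foundation'
)

$ErrorActionPreference = 'Stop'

# 1. Refuse to run a file whose signature does not validate
#    (unsigned, tampered after signing, or untrusted chain).
$sig = Get-AuthenticodeSignature -FilePath $Installer
if ($sig.Status -ne 'Valid') {
    throw "Signature check failed for ${Installer}: $($sig.Status) $($sig.StatusMessage)"
}

# 2. A valid signature from a different publisher is still the wrong file.
$subject = $sig.SignerCertificate.Subject
if ($subject -notlike "*$ExpectedSigner*") {
    throw "Unexpected signer: $subject"
}

# 3. Build the argument string. /NCRC is left out so the installer's own
#    CRC self-check still runs. /D comes last and is not quoted, even
#    though the path contains spaces.
$installArgs = "/S /desktopicon=no /quicklaunchicon=no /D=$InstallDir"

$proc = Start-Process -FilePath $Installer -ArgumentList $installArgs -Wait -PassThru
if ($proc.ExitCode -ne 0) {
    throw "Installer exited with code $($proc.ExitCode)"
}

# 4. The silent installer does not install WinPcap, so live capture is
#    unavailable until WinPcap is installed separately.
Write-Output "Installed to $InstallDir (signed by: $subject). WinPcap was not installed."
```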

[[ChBuildInstallWinPcapManually]]

==== Manual WinPcap Installation

As mentioned above, the Wireshark installer takes care of installing WinPcap.
The following is only necessary if you want to use a different version than the
one included in the Wireshark installer, e.g. because a new WinPcap version was

Additional WinPcap versions (including newer alpha or beta releases) can
be downloaded from the main WinPcap site at {winpcap-main-url}. The
_Installer for Windows_ supports modern Windows operating systems.

[[ChBuildInstallWinWiresharkUpdate]]
==== Update Wireshark

By default the official Windows package will check for new versions and notify
you when they are available. If you have the _Check for updates_ preference
disabled or if you run Wireshark in an isolated environment you should subscribe
to the _wireshark-announce_ mailing list. See <<ChIntroMailingLists>> for
details on subscribing to this list.

New versions of Wireshark are usually released every four to six weeks. Updating
Wireshark is done the same way as installing it. Simply download and start the
installer exe. A reboot is usually not required and all your personal settings

[[ChBuildInstallWinPcapUpdate]]

New versions of WinPcap are less frequently available. You will find
WinPcap update instructions on the WinPcap web site at {winpcap-main-url}.
You may have to reboot your machine after installing a new WinPcap

[[ChBuildInstallWinUninstall]]
==== Uninstall Wireshark

You can uninstall Wireshark using the _Programs and Features_ control panel.
Select the "Wireshark" entry to start the uninstallation procedure.

The Wireshark uninstaller provides several options for removal. The default is
to remove the core components but keep your personal settings and WinPcap.
WinPcap is left installed by default in case other programs need it.

[[ChBuildInstallWinPcapUninstall]]

==== Uninstall WinPcap

You can uninstall WinPcap independently of Wireshark using the _WinPcap_ entry
in the _Programs and Features_ control panel. Remember that if you uninstall
WinPcap you won't be able to capture anything with Wireshark.

[[ChBuildInstallOSXInstall]]
=== Installing Wireshark under OS X

The official OS X packages are distributed as disk images (.dmg) containing
the application installer. To install Wireshark simply open the disk image and
run the enclosed installer.

The installer package includes Wireshark, its related command line utilities,
and a launch daemon that adjusts capture permissions at system startup. See the
included _Read me first_ file for more details.

[[ChBuildInstallUnixBuild]]
=== Building Wireshark from source under UNIX

Building Wireshark requires the proper build environment including a
compiler and many supporting libraries. See the Developer's Guide at
{wireshark-developers-guide-url} for more information.

Use the following general steps to build Wireshark from source under UNIX or Linux:

. Unpack the source from its compressed `tar` file. If you are using Linux or
  your version of UNIX uses GNU `tar` you can use the following command:
+
----
$ tar xaf wireshark-2.4.5.tar.xz
----
+
In other cases you will have to use the following commands:
+
----
$ xz -d wireshark-2.4.5.tar.xz
$ tar xf wireshark-2.4.5.tar
----

. Change directory to the Wireshark source directory.

. Configure your source so it will build correctly for your version of UNIX. You
  can do this with the following command:
+
If this step fails you will have to rectify the problems and rerun `configure`.
Troubleshooting hints are provided in <<ChBuildInstallUnixTrouble>>.

. Install the software in its final destination.

Once you have installed Wireshark with _make install_ above, you should be able
to run it by entering `wireshark`.

[[ChBuildInstallUnixInstallBins]]
=== Installing the binaries under UNIX

In general installing the binary under your version of UNIX will be specific to
the installation methods used with your version of UNIX. For example, under AIX,
you would use _smit_ to install the Wireshark binary package, while under Tru64
UNIX (formerly Digital UNIX) you would use _setld_.

==== Installing from RPMs under Red Hat and alike

Building RPMs from Wireshark's source code results in several packages (most
distributions follow the same system):

* The `wireshark` package contains the core Wireshark libraries and command-line

* The `wireshark-qt` package contains the Qt-based GUI.

* The `wireshark-gtk` (formerly `wireshark-gnome`) package contains the legacy

Many distributions use `yum` or a similar package management tool to make
installation of software (including its dependencies) easier. If your
distribution uses `yum`, use the following command to install Wireshark
together with the Qt GUI:

----
yum install wireshark wireshark-qt
----

If you've built your own RPMs from the Wireshark sources you can install them
by running, for example:

----
rpm -ivh wireshark-2.0.0-1.x86_64.rpm wireshark-qt-2.0.0-1.x86_64.rpm
----

If the above command fails because of missing dependencies, install the
dependencies first, and then retry the step above.

==== Installing from debs under Debian, Ubuntu and other Debian derivatives

If you can just install from the repository then use

----
$ aptitude install wireshark
----

Aptitude should take care of all of the dependency issues for you.

Use the following command to install downloaded Wireshark debs under Debian:

----
$ dpkg -i wireshark-common_2.0.5.0-1_i386.deb wireshark_wireshark-2.0.5.0-1_i386.deb
----

dpkg doesn't take care of all dependencies, but reports what's missing.

.Capturing requires privileges
Installing Wireshark packages does not automatically give non-root users the
right to capture packets. To allow non-root users to capture packets follow the
procedure described in
file:///usr/share/doc/wireshark-common/README.Debian[/usr/share/doc/wireshark-common/README.Debian]

==== Installing from portage under Gentoo Linux

Use the following command to install Wireshark under Gentoo Linux with all of

----
$ USE="c-ares gtk ipv6 portaudio snmp ssl kerberos threads selinux" emerge wireshark
----

==== Installing from packages under FreeBSD

Use the following command to install Wireshark under FreeBSD:

----
$ pkg_add -r wireshark
----

pkg_add should take care of all of the dependency issues for you.

[[ChBuildInstallUnixTrouble]]
=== Troubleshooting during the install on Unix

A number of errors can occur during the installation process. Some hints on
solving these are provided here.

If the `configure` stage fails you will need to find out why. You can check the
file `config.log` in the source directory to find out what failed. The last few
lines of this file should help in determining the problem.

The standard problems are that you do not have a required development package on
your system or that the development package isn't new enough. Note that
installing a library package isn't enough. You need to install its development
package as well. `configure` will also fail if you do not have libpcap (at least
the required include files) on your system.

If you cannot determine what the problems are, send an email to the
_wireshark-dev_ mailing list explaining your problem. Include the output from
`config.log` and anything else you think is relevant such as a trace of the

[[ChBuildInstallWinBuild]]
=== Building from source under Windows

We strongly recommend that you use the binary installer for Windows unless you
want to start developing Wireshark on the Windows platform.

For further information on how to build Wireshark for Windows from the sources
see the Developer's Guide at {wireshark-developers-guide-url}.

You may also want to have a look at the Development Wiki
({wireshark-wiki-url}Development) for the latest available development

++++++++++++++++++++++++++++++++++++++
<!-- End of WSUG Chapter 2 -->
++++++++++++++++++++++++++++++++++++++