-$Id: README,v 1.54 2002/01/29 09:45:55 guy Exp $
+$Id$
General Information
------- -----------
Ethereal is known to compile and run on the following systems:
- - Linux (2.0.x, 2.1.x, 2.2.x, 2.3.x, 2.4.x)
- - Solaris (2.5.1, 2.6, 7)
- - FreeBSD (2.2.5, 2.2.6, 3.1, 3.2, 3.3)
+ - Linux (2.0 and later kernels, various distributions)
+ - Solaris (2.5.1 and later)
+ - FreeBSD (2.2.5 and later)
+ - NetBSD
+ - OpenBSD
+ - Mac OS X (10.2 and later)
+ - HP-UX (10.20, 11.00, 11.11)
- Sequent PTX v4.4.5 (Nick Williams <njw@sequent.com>)
- - Tru64 UNIX (formerly Digital UNIX) (3.2, 4.0)
+ - Tru64 UNIX (formerly Digital UNIX) (3.2 and later)
- Irix (6.5)
- AIX (4.3.2, with a bit of work)
- - Win32 (NT, 98)
+ - Win32 (98, NT, 2000, XP)
-It should run on other Unix-ish systems without too much trouble.
+and possibly on other versions of those OSes. It should run on other
+Unix-ish systems without too much trouble.
NOTE: the Makefile appears to depend on GNU "make"; it doesn't appear to
work with the "make" that comes with Solaris 7 nor the BSD "make".
AIX's iptrace
Cinco Networks NetXRray
Network Associates Windows-based Sniffer
-AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek
+AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek/EtherHelp
RADCOM's WAN/LAN Analyzer
Lucent/Ascend access products
HP-UX's nettl
VMS's TCPIPtrace utility
DBS Etherwatch for VMS
Traffic captures from Visual Networks' Visual UpTime
+CoSine L2 debug output
+Output from Accellent's 5Views LAN agents
+Endace Measurement Systems' ERF format
+Linux Bluez Bluetooth stack "hcidump -w" traces
+Network Instruments Observer version 9
+Trace files for the EyeSDN USB S0
In addition, it can read gzipped versions of any of these files
automatically, if you have the zlib library available when compiling
line of ISDN routers (TR-600 and TR-650). You can telnet to the router
and start a dump session with "snoop dump".
-To use the Lucent/Ascend and Toshiba traces with Ethereal, you must capture
-the trace output to a file on disk. The trace is happening inside the router
-and the router has no way of saving the trace to a file for you.
+CoSine L2 debug output can also be read by Ethereal. To get the L2
+debug output, get in the diags mode first and then use
+"create-pkt-log-profile" and "apply-pkt-log-profile" commands under
+layer-2 category. For more detail how to use these commands, you
+should examine the help command by "layer-2 create ?" or "layer-2 apply ?".
+
+To use the Lucent/Ascend, Toshiba and CoSine traces with Ethereal, you must
+capture the trace output to a file on disk. The trace is happening inside
+the router and the router has no way of saving the trace to a file for you.
An easy way of doing this under Unix is to run "telnet <ascend> | tee <outfile>".
Or, if your system has the "script" command installed, you can save
a shell session, including telnet to a file. For example, to a file named
IPv6
----
If your operating system includes IPv6 support, ethereal will attempt to
-use reverse name resolution capabilities when decoding IPv6 packets. If
-you want to turn off name resolution while using ethereal, start ethereal
-with the "-n" option. If you would like to compile ethereal without
-support for IPv6 name resolution, use the "--disable-ipv6" option with
-"./configure". If you compile ethereal without IPv6 name resolution,
-you will still be able to decode IPv6 packets, but you'll only see IPv6
-addresses, not host names.
+use reverse name resolution capabilities when decoding IPv6 packets.
+
+If you want to turn off name resolution while using ethereal, start
+ethereal with the "-n" option to turn off all name resolution (including
+resolution of MAC addresses and TCP/UDP/SMTP port numbers to names), or
+with the "-N mt" option to turn off name resolution for all
+network-layer addresses (IPv4, IPv6, IPX).
+You can make that the default setting by opening the Preferences dialog
+box using the Preferences item in the Edit menu, selecting "Name
+resolution", turning off the appropriate name resolution options,
+clicking "Save", and clicking "OK".
-NetWare Core Protocol
----------------------
-There are over 400 different NCP packet types. The NCP dissector does
-not understand all of these; support is being added little by little. If
-you have some NCP packets that are not dissected by Ethereal, send
-a trace file to ethereal-dev@ethereal.com and if possible, we will add support
-for those packets types.
+If you would like to compile ethereal without support for IPv6 name
+resolution, use the "--disable-ipv6" option with "./configure". If you
+compile ethereal without IPv6 name resolution, you will still be able to
+decode IPv6 packets, but you'll only see IPv6 addresses, not host names.
SNMP
----
-Ethereal can do some basic decoding of SNMP packets; it can also use an
-external SNMP library to do more sophisticated decoding.. The configure
-script will automatically determine which library you have on your
-system and will use it. If you have an SNMP library but _do not_ want
-to have ethereal use it, you can run configure with the "--disable-snmp"
-option.
+Ethereal can do some basic decoding of SNMP packets; it can also use the
+UCD SNMP library, version 4.2.2 or later, to do more sophisticated
+decoding, by reading MIB files and using the information in those files
+to display OIDs and variable binding values in a friendlier fashion.
+The configure script will automatically determine whether you have the
+UCD SNMP library on your system, and will use it if it's version 4.2.2
+or later. If you have an SNMP library but _do not_ want to have
+ethereal use it, you can run configure with the "--without-ucd-snmp"
+option.
+
+If you have an earlier version of the UCD SNMP library on your system,
+the configure script will stop, reporting that it can't find the
+"sprint_realloc_objid()" routine; you should either upgrade to version
+4.2.4 or later, as UCD SNMP 4.2.4 fixes some potential buffer overflow
+problems, or should configure with "--without-ucd-snmp".
How to Report a Bug