1 NOTE: this document applies to the Wireshark source releases. It also
2 applies to buildbot source tarballs, but it does not apply to source
3 code checked out directly from Subversion, as files such as the
4 configuration script are not checked into Subversion, but need to be
5 generated from the autoconf and automake files.
10 These are installation instructions for Unix and Unix-like systems
11 that can run the "configure" script in this same directory. These
12 are not the installation instructions for Windows systems; see
13 README.win32 for those instructions.
15 0. This is beta software. Beware.
17 1. If you wish to build Wireshark, make sure you have GTK+ and GLib
18 installed. Try running 'pkg-config glib-2.0 --modversion' to see if
19 you have GLib 2.x installed and, if that fails, try running
20 'glib-config --version' to see if you have GLib 1.2[.x] installed.
21 Then try running 'pkg-config gtk+-2.0 --modversion' to see if you
22 have GTK+ 2.x installed and, if that fails, try running
23 'gtk-config --version' to see if you have GTK+ 1.2[.x] installed.
24 Wireshark needs versions 1.2.0 or above of both these packages.
25 If you need to install or re-install GTK+ or GLIB, you can find
30 If you installed GTK+ from a binary package, you may have to
31 install a "development" package; there may be separate "user's"
32 and "developer's" packages, with the former not including
33 header files and the like. For example, Red Hat users will
34 need to install a "gtk-devel" .rpm.
36 Note also that Wireshark configuration defaults to using GTK+ and
37 GLib 2.x; you need to configure with --disable-gtk2 to use GTK+
40 2. If you wish to build TShark, the line-mode version of Wireshark,
41 make sure you have GLIB installed. See note #1 above for instructions
42 on checking if you have GLIB installed. You can download GLIB from
45 3. If you want to capture packets, make sure you have libpcap
46 installed. The latest "official" version can be found at
48 http://www.tcpdump.org .
50 If you've downloaded the 0.5.2 version, make sure you install
51 the headers ('make install-incl') when you install the library.
52 The CVS snapshots will install the headers if you do 'make
53 install', and have no 'install-incl' target.
55 If you installed libpcap from a binary package, you may have to
56 install a "development" package; for example, there's
57 apparently a "libpcap0" Debian package, but it just includes a
58 shared library, a copyright notice, changelog files, and a
59 README file - you also need to install a "libpcap-dev" package
60 to get header files, a non-shared library, and the man page.
61 Similarly, Red Hat 5.x users will need to install a "libpcap-devel"
62 .rpm to go along with the "libpcap" .rpm.
64 4. Run './configure' in the Wireshark distribution directory.
65 Running './configure --help' displays a list of options.
66 The file 'INSTALL.configure' contains general instructions for
67 using 'configure' and 'make'. Wireshark has some non-generic configure
71 Wireshark installs a support file (manuf) in ${PREFIX}/etc by
72 default, where ${PREFIX} comes from --prefix=DIR. If you do not
73 specify any --prefix option, ${PREFIX} is "/usr/local".
74 You can change the location of the manuf file with the --sysconfdir
78 By default 'configure' will look in /usr/local/{include,lib} for
79 additional header files and libraries. Using this switch keeps
80 'configure' from looking there
83 By default, if 'configure' finds the GTK+ libraries, the Makefile
84 build Wireshark, the GUI packet analyzer. You can disable the
85 build of the GUI version of Wireshark with this switch.
88 Build Glib/Gtk+ 1.2[.x]-based wireshark.
91 By default the line-mode packet analyzer, TShark, is built.
92 Use this switch to avoid building it.
95 By default the capture-file editing program is built.
96 Use this switch to avoid building it.
99 By default the capture-file merging program is built.
100 Use this switch to avoid building it.
103 By default the hex-dump-to-capture file conversion program
104 is built. Use this switch to avoid building it.
107 By default the IDL-to-wireshark-dissector-source-code converter
108 is built. Use this switch to avoid building it.
111 By default the display-filter-compiler test program is not built.
112 Use this switch to build it.
115 By default the program which creates random packet-capture files
116 is not built. Use this switch to build it.
119 If you choose to build a packet analyzer that can analyze
120 capture files but cannot capture packets on its own, but you
121 *do* have libpcap installed, or if you are trying to build
122 Wireshark on a system that doesn't have libpcap installed (in
123 which case you have no choice but to build a version that can
124 analyze capture files but cannot capture packets on its own),
125 use --without-pcap to avoid using libpcap.
128 Use this to tell Wireshark where you have libpcap installed, if
129 it is installed in a non-standard location.
132 By default, if 'configure' finds zlib (a.k.a, libz), the
133 wiretap library will be built so that it can read compressed
134 capture files. If you have zlib but do not wish to build
135 it into the wiretap library, used by Wireshark, TShark, and
136 the capture-file utilities that come in this package, use
140 Use this to tell Wireshark where you have zlib installed, if it
141 is installed in a non-standard location.
144 If 'configure' finds support for IPv6 name resolution on
145 your system, the packet analyzers will make use of it.
146 To avoid using IPv6 name resolution if you have the support for it,
149 --enable-setuid-install
150 Use this switch to install the packet analyzers as setuid.
151 Installing Wireshark and TShark as setuid 'root' is
152 dangerous. Repeat: IT'S DANGEROUS. Don't do it. (In fact,
153 applications using GTK+ 2.x will refuse to run setuid at
154 all, so Wireshark might not even run setuid.)
157 If your SNMP library needs the SSL library, and your
158 SSL library is installed in a non-standard location,
159 you can specify where your SSL library is with this switch.
162 If 'configure' finds a supported version of the Net-SNMP library
163 on your system, the SNMP dissector will be enhanced to use
164 routines from the Net-SNMP library. Use this switch to avoid
165 using the Net-SNMP library even if you have it installed.
168 Tell the 'configure' script where your net-snmp-config shell script
169 that comes with the net-snmp package is located, if not in a standard
173 By default, if your system can support run-time loadable modules,
174 the packet analyzers are build with support for plugins.
175 Use this switcht to build packet analyzers without plugin support.
178 By default, plugins are installed in
179 ${LIBDIR}/wireshark/plugins/${VERSION}
181 ${LIBDIR} can be set with --libdir, or defaults to ${EPREFIX/lib}
182 ${EPREFIX} can be set with --exec-prefix, or defaults to ${PREFIX}
183 ${VERSION} is the Etherael version.
185 Use this switch to change the location where plugins
188 5. After running './configure', you will see a summary of some
189 of the options you chose. Ensure that the summary reflects
190 what you want. If it doesn't, re-run './configure' with new options.
192 6. Run 'make'. Hopefully, you won't run into any problems.
194 7. Run './wireshark' or './tshark', and make sure things are working.
195 You must have root privileges in order to capture live data.
197 8. Run 'make install'. If you wish to install the man page, run
198 'make install-man'. If you're running a system that supports
199 the Apt, RPM, or System V Release 4 packaging systems, you can
202 make debian-package # Builds a binary package using dpkg
203 make rpm-package # Builds a binary package using rpm
204 make srpm-package # Builds a source package using rpm
205 make svr4-package # Builds a source package using pkgmk
206 make solaris-package # Same as "make svr4-package"
208 to make an installable package for your system.
210 If you have trouble with the build or installation process, you can
211 find assistance on the wireshark-users and wireshark-dev mailing lists.
212 See http://www.wireshark.org/lists/ for details.