Start of a PCNFSD dissector as the RPC dissector 150001.

[obnox/wireshark/wip.git] / README.win32

$Id: README.win32,v 1.28 2001/10/18 15:44:36 gerald Exp $

Installing Ethereal, Tethereal, and Editcap on Win32
====================================================
These are the instructions for installing Ethereal
from the installation executable that is provided on
the Ethereal website and any of its mirrors.

The installation package allows you to install:

        o Ethereal - the GUI version
        o Tethereal - the console, line-mode version
        o Editcap - a console, line-mode utility to convert
                capture files from one format to another.
                (The same functions are available in Ethereal)

Additionally, the installation package contains a "plugins"
option, which installs the Gryphon and MGCP dissector plugins
for use with Ethereal and Tethereal.

The "Debug PDB Files" are useful to install if you are experiencing
a crash when running and Ethereal. Dr. Watson or your debugger
can use the information in these files to provide useful information
to the Ethereal developers that will help them pinpoint the problem.
However, for general usage of Ethereal, these files are not
necessary. In the future, we may package them separately from
Ethereal.

In the past, two versions of Ethereal binaries were published -- a
version that could capture packets and a version which could not.
The latter is useful if you're only reading files produced by
another product (e.g., a sniffer, firewall, or intrustion detection system)
and did not wish to install WinPcap, the library Ethereal uses
to capture packets on Win32 platforms.

As of WinPcap 2.1, all the WinPcap libraries have been released as DLLs. 
This means that Ethereal can detect the presence of WinPcap at run time,
which means that only one version of the Ethereal binaries needs to be
shipped.

If you don't want to capture packets, just install the Ethereal
package. If you do want to capture packets, install Ethereal *and*
install the latest non-beta version of WinPcap, available from:

        http://netgroup-serv.polito.it/winpcap/

and mirrored at

        http://netgroup-mirror.ethereal.com/winpcap/

and

        http://www.wiretapped.net/security/packet-capture/winpcap/default.htm

If you already have an earlier version of WinPcap installed, you need to
un-install it and install the latest version.  If the older version is
WinPcap 2.0 or 2.02, and you have other applications that use the older
version , you will have to decide which applications to keep, since
WinPcap 2.0/2.02 and later versions cannot be installed on the same
system at the same time.

If Ethereal is not capturing packets and you have WinPcap installed, you
can test your WinPcap installation by installing WinDump (tcpdump for
Windows) ported by the same folks who make WinPcap.  It's at:

        http://netgroup-serv.polito.it/windump/

and mirrored at

        http://www.wiretapped.net/security/packet-capture/windump/default.htm

They also make Analyzer, a GUI sniffer for Win32:

        http://netgroup-serv.polito.it/analyzer/

The rest of this documentation is only interesting if
you want to compile Ethereal yourself.


Running Ethereal, Tethereal, and Editcap on Win32
=================================================
You need the glib and gtk libraries for running Ethereal. 

These packages for win32 can be found at:

        http://www.ethereal.com/distribution/win32

and at the home page for the GTK+ for Win32 project:

        http://www.gimp.org/~tml/gimp/win32

or
        http://www.iki.fi/tml/gimp/win32/

(the mirror nearer to you may be faster).

Plugins (gryphon.dll and mgcp.dll) can go in:
        C:\Program Files\Ethereal\plugins\<version>
        C:\Ethereal\plugins\<version>

Where <version> is the version number, without brackets.
For example, C:\Ethereal\plugins\0.8.16

Yes, the location of plugins needs to be more flexible.

Make sure the glib and gtk DLL's are in your path - i.e., that your path
includes the directory (folder) or directories (folders) in which those
DLLs are found - when you run Ethereal.  This includes gtk-*.dll,
glib-*.dll, gmodule-*.dll, gdk-*.dll, gnu-intl.dll, and iconv-*.dll.
As of the 20000805 GTK+/GLIB distribution, gthread-*.dll is no longer needed.

The Win32 Binary distribution, available from

        http://www.ethereal.com/distribution/win32

used different version of the GTK+/GLIB libraries at different points
in time:

Ethereal Version                GTK+/GLIB version
----------------                -----------------
0.8.16 and after                20001226
0.8.11 - 0.8.15                 20000805
0.8.9 - 0.8.10                  20000416
0.8.8 and before                19990828


Capturing Packets
-----------------
In order to capture with Win32, you need to install the NDIS
packet capture driver for your particular Win32 OS; drivers for Windows
9x, Windows NT 4.0, and Windows 2000 can be downloaded from the
WinPcap home page:

        http://netgroup-serv.polito.it/winpcap/

or the mirror site at

        http://www.wiretapped.net/security/packet-capture/winpcap/default.htm

Compiling the Ethereal distribution from source
===============================================
You'll need the development package for GLIB, GTK+, and WinPcap.
Those versions are available from the respctive home pages for
each project (the same URLs as listed above). The development
packages contain header files and stub libaries to link against.

The use of an SNMP library has not been made to work yet in
Ethereal/Win32, but a binary distribution of the UCD SNMP package,
including header files and a DLL of the UCD SNMP library, can be had
from:

        ftp://ftp.revelstone.com/snmp/binaries/

The file will probably be called "ucd-snmp-X.X-x86-win32.zip", where
"X.X" is the version number of the UCD SNMP library.

Instructions for MS Visual C
----------------------------
Modify the config.nmake file in the top directory of the Ethereal
source tree to work for your local configuration. You should not
have to modify any other Makefile.

In order to compile, at least with the default settings, you
also need zlib, which is provided as an archive library, not
a DLL. The pre-compiled zlib which comes with the "extralibs"
package from Gimp/Win32 is faulty; a working version can be
downloaded from:

        http://www.ethereal.com/distribution/win32/zlib-1.1.3-fixed.zip

Be sure that your command-line environment is set up to compile
and link with MSVC. When installing MSVC, you can have your
system's environment set up to always allow compiling from the
command line, or you can invoke the vcvars32.bat script.

The first time you build Ethereal, run the script "cleanbld.bat" to make
sure that the "config.h" files will be reconstructed from the
"config.h.win32" files.  (If, for example, you have "config.h" files
left over from a Unix build, a Windows build will fail.)

In the ethereal directory, type "nmake -f makefile.nmake". It will
recurse into the subdirectories as appropriate.

Some generated source is created by traditionally "Unix-ish" tools.
If you are building from an official distribution, these files are
already generated, so you have nothing to worry about unless you
modify the source. If building from a CVS image, you'll need the tools
to generate C source. The "special" files and their requisite tools are:

Source                          Output                  Tool
------                          ------                  ----
config.h.win32                  config.h                sed
epan/config.h.win32             epan/config.h           sed
image/ethereal.rc.in            image/ethereal.rc       sed
image/tethereal.rc.in           image/tethereal.rc      sed
image/editcap.rc.in             image/editcap.rc        sed
image/mergecap.rc.in            image/mergecap.rc       sed
image/text2pcap.rc.in           image/text2pcap.rc      sed
packaging/nsis/ethereal.nsi.in  packaging/ethereal.nsi  sed
wiretap/config.h.win32          wiretap/config.h        sed
epan/dfilter/dfilter-scanner.l  epan/dfilter/*.c        Flex
text2pcap-scanner.l             *.c                     Flex
wiretap/ascend-scanner.l        *.c                     Flex
wiretap/ascend-grammar.y        *.c,*.h                 Bison/Yacc
ncp2222.py                      packet-ncp2222.c        Python

make-reg-dotc, packet*.c        register.c              Bash + grep + sed
or
make-reg-dotc.py, packet*.c     register.c              Python

The Makefile.nmake supplied with the Ethereal distribution will
attempt to make register.c with Python, since it is much much much
faster than the shell version. The reason it is faster is because
the shell version launches multiple processes (grep, sed) for each
source file, multiple times. The Python script is one process. This
matters a lot on Win32. If for some reason you want to build register.c
with the shell script, uncomment out the action line for the register.c
target in Makefile.nmake.

If you have a Unix system handy, you can first build on Unix to create
most of the source files that these tools make, then run the build on
Windows.  That will avoid the need for these tools on your Windows
computer.  (This won't work for the files in the "image" directory,
however, as those aren't built on Unix - they're only for Windows
builds.  It also won't work for the "config.h" files; whilst those are
built for Unix, they're specific to the platform on which you're
building, and the "config.h" files constructed for a Unix build will not
work with a Windows build.)

If you don't have a Unix system handy, most of those tools are available for
Win32 systems as part of the Cygwin package:

        http://sourceware.cygnus.com/cygwin/

After installing them, you will probably have to modify the config.nmake
file to specify where the Cygwin binaries are installed.

Python for Win32 is available from

        http://www.python.org/


Instructions for Cygwin
-----------------------
No one has ever compiled Ethereal entirely with Cygwin.  It should not
be difficult, however.  This spot is reserved for your instructions on
how to compile Ethereal with Cygwin.