-$Id: README.win32,v 1.54 2003/12/12 16:06:29 gerald Exp $
+$Id$
Installing Ethereal, Tethereal, and Editcap on Win32
====================================================
These are the instructions for installing Ethereal
from the installation executable that is provided on
-the Ethereal website and any of its mirrors.
+the Ethereal website at:
+
+http://www.ethereal.com/distribution/win32
+
+and any of its mirrors.
The installation package allows you to install:
capture files into one
Additionally, the installation package contains a "plugins"
-option, which installs the Gryphon, MGCP and GIOP dissector plugins
+option, which installs some additional dissector plugins
for use with Ethereal and Tethereal.
All binaries in Ethereal package are now built with debugging
you want to compile Ethereal yourself.
-Running Ethereal, Tethereal, and Editcap on Win32
-=================================================
-You need the glib and gtk libraries for running Ethereal.
+Compiling the Ethereal distribution from source
+===============================================
-These packages for win32 can be found at:
+Compilers
+---------
+MS Visual C++ Version 6
+This is the common compiler used for building Ethereal on win32.
- http://www.ethereal.com/distribution/win32
+MS Visual C++ Version 7 / VC.NET
+Currently unsupported for two reasons:
+-the licence agreement does NOT allow you to compile GPL code.
+-there are serious problems in using DLL's compiled with MS VC6.
+See section "Problems with MS Visual C++ Version 7 / VC.NET" below.
-and at the home page for the GTK+ for Win32 project:
+Cygwin GCC
+Ethereal can entirely be built with cygwin GCC. However the built binaries will
+only run in a cygwin environment, so they are not standalone Win32 applications.
+It is however not excluded that native Win32 code can be compiled on cygwin GCC
+but you then have to use -mms-bitfields as a strict minimum and probably
+-mno-cygwin or a similar compiler flag too.
+See section below for instructions.
- http://www.gimp.org/~tml/gimp/win32
-or
- http://www.iki.fi/tml/gimp/win32/
+Automated library download
+--------------------------
+Before using the automated download, be sure to edit the config.nmake file
+to suit your needs. Especially have a look at the ETHEREAL_LIBS setting.
+However, the defaults should be working well for a first start.
-(the mirror nearer to you may be faster).
+If you've installed Microsoft Visual C++ (MSVC), you can run:
-Plugins (gryphon.dll and mgcp.dll) can go in:
- <Ethereal installation directory>\plugins\<version>
+nmake -f makefile.nmake setup
-Where <version> is the version number, without brackets. For example,
-if you have Ethereal 0.9.8 installed in the default location, plugins
-will reside in C:\Program Files\Ethereal\plugins\0.9.8
+This will first check the availability of all required tools and then uses
+the tool wget to download each package file (together around 30MB!) from the
+server location at:
-Yes, the location of plugins needs to be more flexible.
+ http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/
-Make sure the glib and gtk DLL's are in your path - i.e., that your
-path includes the directory (folder) or directories (folders) in which
-those DLLs are found - when you run Ethereal. This includes gtk-*.dll,
-glib-*.dll, gmodule-*.dll, gdk-*.dll, intl.dll, and iconv-*.dll. As of
-the 20000805 GTK+/GLIB distribution, gthread-*.dll is no longer needed.
+and unpack it in the $ETHEREAL_LIBS directory.
-The Win32 Binary distribution, available from
+If you have problems downloading the files, you might be connected to the
+internet through a proxy/firewall. In this case see the wget documentation
+to configure wget accordingly.
- http://www.ethereal.com/distribution/win32
-used different version of the GTK+/GLIB libraries at different points
-in time:
+Required libraries
+------------------
+If the automated library download finished sucessfully, you should have all
+libraries on your machine at the right places. So you don't have to read this,
+unless you are interested which libraries are used.
-Ethereal Version GTK+/GLIB version
----------------- -----------------
-0.8.16 and after 20001226
-0.8.11 - 0.8.15 20000805
-0.8.9 - 0.8.10 20000416
-0.8.8 and before 19990828
+You'll need the development packages for GLIB, GTK+, iconv, gettext,
+WinPcap, Net-SNMP, and optionally ADNS, PCRE and zlib. The development
+packages contain header files and stub libraries to link against.
+PRECOMPILED VERSIONS OF ALL OF THESE PACKAGES ARE AVAILABLE AT:
-Capturing Packets
------------------
-In order to capture with Win32, you need to install the NDIS
-packet capture driver for your particular Win32 OS; drivers for Windows
-9x, Windows NT 4.0, and Windows 2000 can be downloaded from the
-WinPcap home page:
+ http://anonsvn.ethereal.com/ethereal-win32-libs/trunk/packages/
- http://winpcap.polito.it/
-or the mirror site at
+The GLIB, GTK+, iconv, gettext packages for win32 can be found at the home
+page for the GTK+ for Win32 project:
- http://www.wiretapped.net/security/packet-capture/winpcap/default.htm
+ http://www.gimp.org/~tml/gimp/win32 or the mirror
+ http://www.iki.fi/tml/gimp/win32/
-Compiling the Ethereal distribution from source
-===============================================
+The Net-SNMP package for win32 is available at its homepage:
-You'll need the development packages for GLIB, GTK+, iconv, gettext,
-WinPcap, zlib, Net-SNMP, ADNS, and PCRE. The GLIB, GTK+, and WinPcap
-packages are available from the respctive home pages for each project
-(the same URLs as listed above). The development packages contain header
-files and stub libaries to link against. Precompiled versions of these
-packages are available at
+ http://
- http://www.ethereal.com/distribution/win32/development/
+The WinPcap package is available at its homepage:
+
+ http://winpcap.polito.it/ or the mirror
+ http://www.wiretapped.net/security/packet-capture/winpcap/default.htm
-The ADNS package is also available at its homepage:
+The optional ADNS package for win32 is available at its homepage:
http://adns.jgaa.com/
+The optional PCRE package (Perl Compatible Regular Expressions) for win32 is
+available at its homepage:
+
+ http://gnuwin32.sourceforge.net/packages/pcre.htm
+
+The optional zlib package for win32 is available at its homepage:
+
+ http://www.gzip.org/zlib/
+
+
By default, the build process looks for these packages in
C:\ethereal-win32-libs. You can place them in a different directory, but
-you must update config.nmake accordingly. The default location for each
-package is as follows:
-
- Package Default Location
- ------- ----------------
- adns-1.0-win32-01.zip C:\ethereal-win32-libs
- glib-2.2.1.zip C:\ethereal-win32-libs\glib
- glib-dev-2.2.1.zip C:\ethereal-win32-libs\glib
- gtk+-1.3.0-20030216.zip C:\ethereal-win32-libs\gtk+
+you must update the ETHEREAL_LIBS variable in config.nmake accordingly.
+
+The following lists the packages needed to compile Ethereal and the default
+locations where to unpack them, when the above method isn't used.
+
+ Package Default Location
+ ------- ----------------
+ glib-2.2.3-20040116.zip C:\ethereal-win32-libs\glib
+ glib-dev-2.2.3-20040116.zip C:\ethereal-win32-libs\glib
+ gtk+-1.3.0-20030717.zip C:\ethereal-win32-libs\gtk+
gtk+-dev-1.3.0-20030115.zip C:\ethereal-win32-libs\gtk+
- libiconv-1.9.1.bin.woe32.zip C:\ethereal-win32-libs\gtk+
- gettext-runtime-0.12.1.bin.woe32.zip [ None ]
+ libiconv-1.9.1.bin.woe32.zip C:\ethereal-win32-libs\libiconv-1.9.1.bin.woe32
+ gettext-runtime-0.13.1.zip C:\ethereal-win32-libs\gettext-runtime-0.13.1
net-snmp-5.1.zip C:\ethereal-win32-libs
+ wpdpack_3_0.zip C:\ethereal-win32-libs
+
+and optional:
+
+ adns-1.0-win32-03.zip C:\ethereal-win32-libs
pcre-4.4.zip C:\ethereal-win32-libs
zlib121-dll.zip C:\ethereal-win32-libs\zlib121-dll
+(to use the default locations, the directories in question should be
+created, and each zip file should be unpacked into the corresponding
+directory). If you only want to change the C:\ethereal-win32-libs
+part, you just change the setting of ETHEREAL_LIBS in config.nmake; if
+you want to change subdirectories, you'll have to change the individual
+item for a package. (Note that some zip files create the subdirectory -
+those zip files just have C:\ethereal-win32-libs in the list above - so
+if you don't want the package to be in that subdirectory, you'd have to
+rename the directory.)
+
The gettext runtime package provides intl.dll, which is needed by
GLib 2.2.3.
+
+Compiling the Ethereal distribution using GTK+2
+-----------------------------------------------
+
+The more recent version 2 of the GTK+ can be used to compile
+Ethereal with, but is still considered beta.
+
+GTK+2 will look better in various ways, especially for WIN32 users.
+
+You can get the required libraries from:
+
+http://www.ethereal.com/distribution/win32/development/gtk2
+
+or (like the GTK+1 libraries from the GTK+ for Win32 project):
+
+http://www.gimp.org/~tml/gimp/win32/downloads.html
+
+If you want to try a build with GTK+2.x these Extra libraries are needed
+
+ Package Default Location
+ ------- ----------------
+ gtk+-2.2.4-20040124.zip C:\ethereal-win32-libs\gtk2
+ gtk+-dev-2.2.4-20040124.zip C:\ethereal-win32-libs\gtk2
+ pango-1.2.5-20040124.zip C:\ethereal-win32-libs\gtk2
+ pango-dev-1.2.5-20040124.zip C:\ethereal-win32-libs\gtk2
+ atk-1.4.0.zip C:\ethereal-win32-libs\gtk2
+ atk-dev-1.4.0.zip C:\ethereal-win32-libs\gtk2
+
+and optional:
+
+ gtk-wimp-0.5.3-bin.zip C:\ethereal-win32-libs\gtk-wimp
+
+Be sure to set GTK2_DIR in config.nmake correct, to be able to compile.
+
+Running your freshly compiled Ethereal
+--------------------------------------
+
+Make sure the glib and gtk DLL's are in your path or you use a directory
+where all required DLL's and the exe files reside.- i.e., that your
+path includes the directory (folder) or directories (folders) in which
+those DLLs are found - when you run Ethereal.
+
+Note the wiretap*.dll must be in your path as well and if wiretap is changed
+be sure to put the new one in your path.
+
+Plugins (gryphon.dll and mgcp.dll) can go in:
+ <Ethereal installation directory>\plugins\<version>
+
+Where <version> is the version number, without brackets. For example,
+if you have Ethereal 0.9.8 installed in the default location, plugins
+will reside in C:\Program Files\Ethereal\plugins\0.9.8
+
+Yes, the location of plugins needs to be more flexible.
+
Instructions for MS Visual C++
----------------------------
Modify the config.nmake file in the top directory of the Ethereal source
the pathname of your Python interpreter executable. You should not have
to modify any other Makefile.
+Note that perl is needed to build the documentation, the lines in config.nmake
+
+POD2MAN=$(SH) pod2man
+POD2HTML=$(SH) pod2html
+
+requires Cygwin bash and perl to work.
+
Many of the file and directory names used in the build process go past
the old 8.3 naming limitations. As a result, at least on Windows NT 4.0,
Windows 2000, Windows XP, and Windows .NET Server, you should use the
The "special" files and their requisite tools are:
-Source Output Tool
------- ------ ----
-config.h.win32 config.h sed
-epan/config.h.win32 epan/config.h sed
-image/ethereal.rc.in image/ethereal.rc sed
-image/tethereal.rc.in image/tethereal.rc sed
-image/editcap.rc.in image/editcap.rc sed
-image/mergecap.rc.in image/mergecap.rc sed
-image/text2pcap.rc.in image/text2pcap.rc sed
-packaging/nsis/ethereal.nsi.in packaging/ethereal.nsi sed
-wiretap/config.h.win32 wiretap/config.h sed
-epan/dfilter/dfilter-scanner.l epan/dfilter/*.c Flex
-text2pcap-scanner.l *.c Flex
-wiretap/ascend-scanner.l *.c Flex
-wiretap/ascend-grammar.y *.c,*.h Bison/Yacc
-ncp2222.py packet-ncp2222.c Python
-
-make-reg-dotc, packet*.c register.c Bash + grep + sed
+Source Output Tool
+------ ------ ----
+config.h.win32 config.h sed
+epan/config.h.win32 epan/config.h sed
+image/ethereal.rc.in image/ethereal.rc sed
+image/tethereal.rc.in image/tethereal.rc sed
+image/editcap.rc.in image/editcap.rc sed
+image/mergecap.rc.in image/mergecap.rc sed
+image/text2pcap.rc.in image/text2pcap.rc sed
+wiretap/config.h.win32 wiretap/config.h sed
+epan/dfilter/dfilter-scanner.l epan/dfilter/*.c Flex
+text2pcap-scanner.l *.c Flex
+wiretap/ascend-scanner.l *.c Flex
+wiretap/ascend-grammar.y *.c,*.h Bison/Yacc
+ncp2222.py packet-ncp2222.c Python
+
+make-reg-dotc, packet*.c register.c Bash + grep + sed
or
-make-reg-dotc.py, packet*.c register.c Python
+make-reg-dotc.py, packet*.c register.c Python
-make-tapreg-dotc, tap-*.c tethereal-tap-register.c
- Bash + grep + sed
+make-tapreg-dotc, tap-*.c tethereal-tap-register.c
+ Bash + grep + sed
make-tapreg-dotc, tap files gtk/ethereal-tap-register.c
- in the gtk subdirectory Bash + grep + sed
+ in the gtk subdirectory Bash + grep + sed
The Makefile.nmake supplied with the Ethereal distribution will, if
PYTHON is defined in config.nmake, attempt to make register.c with
After installing them, you will probably have to modify the config.nmake
file to specify where the Cygwin binaries are installed.
-Python for Win32 is available from
+Python for Win32 is available from:
http://www.python.org/
+Build an (NSIS based) installer
+-------------------------------
+
+If you want to build your own installer, you need to get NSIS from:
+
+http://nsis.sourceforge.net/home/
+
+After installing it, you will probably have to modify the config.nmake
+file to specify where the NSIS binaries are installed and wether to use the modern UI or not.
+You will need NSIS version 2 or higher, to build an installer with the modern user interface,
+and for a much smaller installer (using the lzma compression).
+
+In the ethereal directory, type "nmake -f makefile.nmake packaging" to build the installer.
+Please be patient while the compression is done, it will take some time even on fast machines.
+
+You will hopefully now see something like ethereal-setup-0.10.2.exe in the dir packaging/nsis.
+
+
+Installing GTK-Wimp
+-------------------
+
+GTK-Wimp can be used to get a native Look-and-Feel on WinXP machines,
+especially with the new "coloured" WinXP theme. It will only take effect
+together with the GTK2 version of Ethereal.
+
+No changes to the Ethereal sources are needed, GTK-Wimp simply changes the
+way GTK2 displays the widgets (by changing the GTK2 default theme).
+
+GTK-Wimp might already be installed. In this case, the files mentioned below
+are already existing at the appropriate places.
+
+If GTK-Wimp isn't installed, you can install it yourself:
+
+1. Go to http://gtk-wimp.sourceforge.net/
+2. Download the ZIP archive containing the library and the theme
+3. Locate the installation directory of Ethereal (C:\Program Files\Ethereal)
+4. Create a subdirectory 'share\themes\Default\gtk-2.0'
+5. Drop the file 'gtkrc' in 'share\themes\Default\gtk-2.0'
+6. Create a subdirectory named 'lib\gtk-2.0\2.2.0\engines'
+7. Drop the 'libwimp.dll' library in 'lib\gtk-2.0\2.2.0\engines'
+
+When you're finished, you should have:
+
+C:\Program Files\Ethereal\lib\gtk-2.0\2.2.0\engines\libwimp.dll
+C:\Program Files\Ethereal\share\themes\Default\gtk-2.0\gtkrc
+
+After (re-)starting Ethereal, you should now see it's widgets in the modern
+WinXP style on your screen.
+
+
+Problems with MS Visual C++ Version 7 / VC.NET
+----------------------------------------------
+Beside licensing problems with these compilers, there are known problems with DLL's.
+If Ethereal is compiled with MSVC Version 7, there are conflicts in the MSVCRT DLL's,
+The MSVCRT.DLL includes the standard ANSI-C functions like fopen, malloc, etc.. MSVCRT.DLL
+is shipped with the MSVC 6 compiler versions, and dynamically linked to prebuild DLL's like
+the one's for gtk, glib and such. The MSVC 7 compiler now uses and ships MSVCRT71.DLL with
+it, which is incompatible with MSVCRT.DLL. So when using the MSVC 7 compiler, some parts of
+the Ethereal code uses MSVCRT71.DLL, and some others (indirectly from e.g. the gtk DLL) will
+use MSVCRT.DLL. This will result in incorrect file handles and such.
+
+The same problem seems to apply on all MSVC compilers after version 6, like the
+"Microsoft Visual C++ Toolkit 2003".
+
+
Instructions for Cygwin
-----------------------
$ make install
5. Patch Makefile.am in <ethereal-src>/gtk/Makefile.am by
- removing "gtkclist.c" from the dependencies.
+ removing "ethclist.c" from the dependencies.
This patch is required since the private GTK+ clist widget
(was required for earlier versions of GTK+ but prevents Ethereal
$ PATH=/opt/gnome/bin:$PATH
- $ ./autogen.sh --without-pcap --without-plugins
- $ ./configure --without-pcap --without-plugins
+ $ ./autogen.sh
+ $ ./configure --config-cache --without-pcap
$ make
- This make will eventually stop, but it is required as e.g., the
- GTK binaries are built then.
-
- $ make ethereal.exe
-
7. Start X
$ sh /usr/X11R6/bin/startxwin.sh
- For non-US keyboard layouts, use (replace 'be' with your layout):
-
- $ setxkbmap.exe -layout be
+ Or you can start it from C:\cygwin\usr\X11R6\bin\startxwin.bat
8. Run ethereal (add /opt/gnome/bin to $PATH if this is not yet done)
$ <ethereal-src>/ethereal
- And voila! Behold the mighty sniffer in all its glory!
+ And voila! Behold the mighty sniffer in all its glory!
-Something is wrong with the makefile that gets generated, so it doesn't work
-just running make.
-I am not curious enough to look at why 'make' doesnt work; 'make ethereal.exe'
-works well enough for me.
+ Note that the plugin dissectors must be installed (make install) if you
+ want to use them. Note also that running "make install" produces lots of
+ output to the console; this is normal.
Note: Compiling Ethereal under cygwin takes a lot of time, because the
generation of 'register.c' takes ages. If you only edit one dissector and
@echo Skipping generation of register.c
Of course, you need to generate the 'register.c' file at least once.
+
+Note: You can also capture packets on a cygwin built Ethereal. You then have
+to unpack the WinPCap development package, install the files in lib/ and
+include/ in say /usr/lib and /usr/include (they must be in the search path of
+the compiler and linker, otherwise you have to specify the configure option
+--with-pcap=/location/to/pcap so the packet capture functionality can be used.
+In order to run Ethereal, you have to add the .dll files in a directory in the
+PATH (e.g., /bin).
+Should you want packet capturing enabled in the cygwin build, then you have to
+remove --without-pcap from step 6.