Linux HOWTOs

About | Home | Search


HOWTO: ethereal
Description: Network protocol analyzer (packet sniffer)
Click here for ChangeLog
NOTE: I use GNU tar >= 1.13.25 so it's -j for .tar.bz2 files,
it's safe to assume that make, gcc, binutils, fileutils/coreutils, gawk, sed, and grep are prerequisites for almost everything


# Ethereal 0.99.0
# ===============
# A fork/replacement? for Ethereal named Wireshark has been released.  It's
# howto is here.  If you're
# planning on replacing Ethereal with Wireshark, skip down to the bottom for
# Ethereal uninstallation instructions.

# Prerequisites:
# gawk
# sed
# grep
# bison
# flex
# perl
# python (optional)
# rpm (optional)
# pkg-config
# libpcap
# GnuTLS or OpenSSL (optional)
# zlib (optional)
# ucd-snmp/net-snmp (optional)
# glib and gtk+ 1.x or 2.x
# libiconv
# XFree86 or X.org libraries (for the gui ethereal)
# See the "Requirements For Compiling" section of the Ethereal web site
# for others.

# If you have trouble downloading Ethereal with the URL below, try here:
# http://prdownloads.sourceforge.net/ethereal/ethereal-0.99.0.tar.bz2

cd
test -f installed/ethereal-0.99.0.tar.bz2 &&
 mv installed/ethereal-0.99.0.tar.bz2 .
test ! -f ethereal-0.99.0.tar.bz2 &&
 wget http://download.sf.net/ethereal/ethereal-0.99.0.tar.bz2

# Verify tarball w/ md5sum:
echo "f9905b9d347acdc05af664a7553f7f76  ethereal-0.99.0.tar.bz2" | \
 md5sum -c

# Verify tarball w/ sha1sum:
echo "466299ac49f21904ed91b93e81667f226637e868  ethereal-0.99.0.tar.bz2" | \
 sha1sum -c

mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "ethereal-*" -exec rm -r {} \;
tar xjvf ~/ethereal-0.99.0.tar.bz2
cd ethereal-0.99.0
test $UID = 0 && chown -R root:root .

# If you have the X libraries installed but don't want to build the ethereal
# binary (you only need the text-based tethereal), add --disable-ethereal to
# the configure line below.

# If you have ucd/net-snmp installed but do not want to build it in, add
# either --with-net-snmp=no or --with-ucd-snmp=no to the configure line,
# depending on the one that you have.

# If you would rather build ethereal and/or tethereal with glib/gtk+ 1.x
# support, add --disable-gtk2 to the configure line

# ethereal needs to run as root to have access to interfaces and the like.
# If you need to run it from X, you're probably best off starting X as root
# or starting X as a non-root user and su-ing.  You can add
# --enable-setuid-install to configure below, but running it (and just about
# anything else) suid root is generally thought to be dangerous.
#
# Don't forget that you can run the text-based tethereal as root in or out
# of X.

# If you have GnuTLS and OpenSSL installed, it will use GnuTLS
# (even if you pass --with-ssl=/path/to/openssl)

# If you don't have OpenSSL installed in the usual source-installed place
# (/usr/local/ssl), like if you're using a distribution package that puts it
# under the /usr prefix, specify --with-openssl below without a PATH and
# configure should find it.

./configure --with-ssl=/usr/local/ssl --disable-ipv6 --enable-threads
make

# Become root to install it
su

find /usr/local/lib/ethereal/plugins/* -type d -exec rm -r {} \; 2> /dev/null
make install-strip
chown -R $USER .

# Become yourself again
exit

cd
mkdir -p -m 0700 installed
rm -f installed/ethereal-*.tar.*
mv ethereal-0.99.0.tar.bz2 installed/


# If you ever want to uninstall Ethereal, this should do it:
cd
su
test -d src/ethereal-* && ( cd src/ethereal-* ; make uninstall )
( cd /usr/local/bin ; rm -f capinfos dftest dumpcap editcap ethereal \
 idl2eth mergecap randpkt tethereal text2pcap )
( cd /usr/local/lib ; rm -f libethereal.* libwiretap.* )
test -d /usr/local/lib/ethereal && rm -r /usr/local/lib/ethereal
( cd /usr/local/man/man1 ; rm -f capinfos.1 dumpcap.1 editcap.1 ethereal.1 \
 idl2eth.1 mergecap.1 tethereal.1 text2pcap.1 )
rm -f /usr/local/man/man4/ethereal-filter.4
test -d /usr/local/share/ethereal && rm -r /usr/local/share/ethereal
ldconfig
exit
find ~/src -maxdepth 1 -type d -name "ethereal-*" -exec rm -r {} \;
rm -f ~/installed/ethereal-*.tar.*

Back to the list


Last updated: Wed, 29 Apr 2020 22:04:50 -0400
Jason Englander <jason at englanders dot us>