wireshark - Network protocol analyzer (packet sniffer)
ChangeLog
| Web site: | http://www.wireshark.org/ |
HOWTO
# Wireshark 1.0.0
# ===============
# Wireshark was formerly known as Ethereal. See the FAQ if you're curious
# about the name change:
# http://www.wireshark.org/faq.html
#
# If you have Ethereal installed, go to the bottom of my Ethereal howto for
# uninstallation instructions before you install Wireshark.
# Slackware does not have Wireshark (or Ethereal) packages, but if you are
# looking for a package, you can find one here:
# http://www.linuxpackages.net/search_view.php?by=name&name=wireshark
# Prerequisites:
# bison
# flex >= 2.5.1
# Perl
# Python (optional)
# rpm (optional)
# pkg-config
# libpcap
# GnuTLS or OpenSSL (optional)
# zlib (optional)
# ucd-snmp/net-snmp (optional)
# Glib and GTK+ 1.x or 2.x
# libiconv
# XFree86 or X.org libraries (for the gui wireshark)
# See the "Requirements For Compiling" section of the Wireshark web site
# for others.
# If you have trouble downloading Wireshark with the URL below, try here:
# http://prdownloads.sourceforge.net/wireshark/wireshark-1.0.0.tar.bz2
# http://www.wireshark.org/download/src/wireshark-1.0.0.tar.bz2
cd
test -f installed/wireshark-1.0.0.tar.bz2 &&
mv installed/wireshark-1.0.0.tar.bz2 .
test ! -f wireshark-1.0.0.tar.bz2 &&
wget http://downloads.sf.net/wireshark/wireshark-1.0.0.tar.bz2
# Verify tarball w/ md5sum:
echo "90e58c595f082da3ad9390d714f16116 wireshark-1.0.0.tar.bz2" | md5sum -c
# Verify tarball w/ sha1sum:
echo "4f53f526359a072665812deca980999bd26e6ab0 wireshark-1.0.0.tar.bz2" | \
sha1sum -c
# Verify tarball w/ OpenSSL using RMD-160:
# (the two lines should match)
echo "12016f80d30954bdc89163958e7d007543b3327e" ; \
openssl rmd160 wireshark-1.0.0.tar.bz2 | cut -d' ' -f2
mkdir -p -m 0700 src
cd src
find -maxdepth 1 -type d -name "ethereal-*" -exec rm -r {} \;
find -maxdepth 1 -type d -name "wireshark-*" -exec rm -r {} \;
tar xjvf ~/wireshark-1.0.0.tar.bz2
cd wireshark-1.0.0
test $UID = 0 && chown -R root:root .
# If you have the X libraries installed but don't want to build the
# wireshark binary (you only need the text-based tshark), add
# --disable-wireshark to the configure line below.
# If you have ucd/net-snmp installed but do not want to build it in, add
# either --with-net-snmp=no or --with-ucd-snmp=no to the configure line,
# depending on the one that you have.
# If you would rather build wireshark and/or tshark with Glib/GTK+ 1.x
# support, add --disable-gtk2 to the configure line
# wireshark needs to run as root to have access to interfaces and the like.
# If you need to run it from X, you're probably best off starting X as root
# or starting X as a non-root user and su-ing. You can add
# --enable-setuid-install to configure below, but running it (and just about
# anything else) suid root is generally thought to be dangerous.
#
# Don't forget that you can run the text-based tshark as root in or out
# of X.
# If you have GnuTLS and OpenSSL installed, it will use GnuTLS
# (even if you pass --with-ssl=/path/to/openssl)
#
# If you don't have OpenSSL installed in the usual source-installed place
# (/usr/local/ssl), like if you're using a distribution package that puts it
# under the /usr prefix, specify --with-openssl below without a PATH and
# configure should find it.
# To only build the text-based tshark (not the GTK+ based wireshark)
# pass --disable-wireshark to configure
./configure --with-ssl=/usr/local/ssl --disable-ipv6 --enable-threads
make
# Become root to install it
su
find /usr/local/lib/wireshark/plugins/* -type d \
-exec rm -r {} \; 2> /dev/null
make install-strip
chown -R $USER .
ldconfig
# Become yourself again
exit
cd
mkdir -p -m 0700 installed
rm -f installed/wireshark-*.tar.*
mv wireshark-1.0.0.tar.bz2 installed/
# ~/src/wireshark-1.0.0/image/hi48-app-wireshark.png can be used as a
# desktop icon
# If you ever want to uninstall Wireshark, this should do it:
cd
su
test -d src/wireshark-* && ( cd src/wireshark-* ; make uninstall )
( cd /usr/local/bin ; rm -f capinfos dftest dumpcap editcap \
idl2wrs mergecap randpkt text2pcap tshark wireshark )
( cd /usr/local/lib ; rm -f libwireshark.* libwiretap.* )
test -d /usr/local/lib/wireshark && rm -r /usr/local/lib/wireshark
( cd /usr/local/man/man1 ; rm -f capinfos.1 dumpcap.1 editcap.1 \
idl2wrs.1 mergecap.1 tshark.1 text2pcap.1 wireshark.1 )
rm -f /usr/local/man/man4/wireshark-filter.4
test -d /usr/local/share/wireshark && rm -r /usr/local/share/wireshark
ldconfig
exit
find ~/src -maxdepth 1 -type d -name "wireshark-*" -exec rm -r {} \;
rm -f ~/installed/wireshark-*.tar.*
List of HOWTOs
Web page itself last updated: 2023-12-20 8:06pm (EST -0500)
HOWTO last updated: 2008-04-14 3:28pm
Copyright © 2001-2024 Jason Englander. All Rights reserved.
HOWTO last updated: 2008-04-14 3:28pm
Copyright © 2001-2024 Jason Englander. All Rights reserved.
![[HTML5]](HTML5_Logo_64-black.png){kind=logo}
