wireshark - Network protocol analyzer (packet sniffer)
ChangeLog
| Web site: | https://www.wireshark.org/ |
| Repository: | https://gitlab.com/wireshark/wireshark |
| Wikipedia: | https://en.wikipedia.org/wiki/Wireshark |
HOWTO
# Wireshark 4.4.5
# ===============
# Wireshark was formerly known as Ethereal. See the FAQ if you're curious
# about the name change:
# http://www.wireshark.org/faq.html
#
# If you have Ethereal installed, go to the bottom of my Ethereal howto for
# uninstallation instructions before you install Wireshark.
# Slackware does not have Wireshark (or Ethereal) packages, but if you are
# looking for a package, you can find one here:
# http://www.linuxpackages.net/search_view.php?by=name&name=wireshark
# Wireshark 4.4.5 Release Notes
# lists.wireshark.org: [Wireshark-announce] Wireshark 4.4.5 is now available
# www.mail-archive.com: [Wireshark-announce] Wireshark 4.4.5 is now available
# SIGNATURES-4.4.5.txt
# Wireshark docs
# - Wireshark User's Guide
# - tshark: Terminal-based Wireshark
# - Filtering while capturing
# - Wireshark Manual Pages
# Wireshark Wiki
# - CaptureFilters
# Wireshark FAQ
# Wireshark Mailing Lists
# Wireshark's Q&A Site
# GitLab: Wireshark Wiki
# GitLab: Wireshark Development
# GitLab: Wireshark Issues
# Prerequisites:
# CMake (required)
# Python >= 3.6 (required)
# Perl >= 3.6 (required)
# pkg-config (required)
# Glib >= 2.54.0 (required for 'tshark')
# GnuTLS >= 3.5.8 (required) or OpenSSL (optional)
# c-ares >= 1.13.0 (required)
# flex >= 2.5.1 (required)
# PCRE2 (required)
# Speex (required)
# libssh >= 0.8.5 (optional)
# libpcap (optional)
# Brotli (optional)
# LZ4 (optional)
# zstd >= 1.0.0 (optional)
# Nghttp2 >= 1.11.0 (optional)
# Lua (optional)
# Netlink (optional)
# SBC (optional)
# libxml2 (optional)
# libcap (optional)
# xsltproc (optional)
# Doxygen (optional)
# Systemd (optional)
# Qt 6.x and Glib (for 'wireshark')
# MaxMindDB (optional)
# SMI (optional)
# Kerberos (optional)
# zlib-ng (optional)
# minizip-ng (optional)
# snappy (optional)
# spandsp (optional)
# bcg729 (optional)
# AMRNB (optional)
# iLBC (optional)
# OPUS (optional)
? # gettext
? # Glibc iconv or libiconv
? # XFree86 or X.org or Waylandlibraries (for the gui wireshark)
# If you have trouble downloading Wireshark with the URL below, try here:
# (signatures are ..)
# https://www.wireshark.org/download/src/
# https://1.na.dl.wireshark.org/src/
# https://2.na.dl.wireshark.org/src/
# User-install Ruby gem Asciidoctor
# (frowned upon, but you could also install system-wide as root)
# https://asciidoctor.org/
gem install --user-install asciidoctor
# Get the Wireshark tarball
cd
test -f installed/wireshark-4.4.5.tar.xz &&
mv installed/wireshark-4.4.5.tar.xz .
test ! -f wireshark-4.4.5.tar.xz &&
wget https://2.na.dl.wireshark.org/src/wireshark-4.4.5.tar.xz
# Verify tarball w/ sha256sum:
echo "02346f7de3d50678c200189a2ecbf4747fd83fbfc5850cadfd428fd9b15444\
28 wireshark-4.4.5.tar.xz" | sha256sum -c
# Extract the source
mkdir -p -m 0700 ~/src
cd ~/src
find -maxdepth 1 -type d -name "wireshark-*" -exec rm -r {} \;
tar xJvf ~/wireshark-4.4.5.tar.xz
cd wireshark-4.4.5
test $UID = 0 && chown -R root:root .
# Create a build directory
mkdir build && cd build
# Read ./README.md, ./README.linux, and ./INSTALL
# List CMake options
cmake -LH ..
# You can use Ninja, default is make
# -G Ninja
# Only build 'tshark', do not build 'wireshark'
# -DBUILD_wireshark=OFF
# If you want man pages and installed Asciidoctor as your user, rather
# than system-wide, specify the path to it like so
# -DASCIIDOCTOR_EXECUTABLE=~/.local/share/gem/ruby/3.4.0/bin/asciidoctor
# Configure the build
# Example: no GUI wireshark, user-installed Asciidoctor
cmake \
-DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_INSTALL_DOCDIR:PATH=/usr/doc/wireshark \
-DCMAKE_INSTALL_MANDIR=/usr/man \
-DBUILD_wireshark=OFF \
-DASCIIDOCTOR_EXECUTABLE=~/.local/share/gem/ruby/3.4.0/bin/asciidoctor \
..
# Build it
make
# Become root to install it
su
# You may or may not want to clean up old files here
# /usr/bin/
# capinfos captype dumpcap editcap idl2wrs mergecap randpkt
# rawshark reordercap sharkd text2pcap tshark wireshark
# /usr/doc/wireshark/
# /usr/lib*/wireshark/
# /usr/lib*/lib{wireshark,wiretap,swutil}.*
# /usr/man/man[14]/
# /usr/share/wireshark/
# Install it
make install
ldconfig
# View what was installed and where
cat install_manifest.txt | sort | less
# List available man pages
ls -1 doc/man_pages/*.[14] | cut -d'/' -f3 | cut -d'.' -f1
# Make sure your non-root user can remove the source later
chown -R $(logname) .
chmod -R u+w .
# Become yourself again
exit
# Save the tarball for later
cd
mkdir -p -m 0700 installed
rm -f installed/wireshark-*.tar.*
mv wireshark-4.4.5.tar.xz installed/
# ~/src/wireshark-4.4.5/resources/ for icons for the GUI wireshark
# If you ever want to uninstall Wireshark, this should do it:
cd
su
test -d src/wireshark-* && ( cd src/wireshark-* ; make uninstall )
for pfx in /usr /usr/local; do
( cd ${pfx}/bin ; rm -f capinfos dftest dumpcap editcap \
idl2wrs mergecap randpkt text2pcap tshark wireshark )
( cd ${pfx}/lib ; rm -f libwireshark.* libwiretap.* )
test -d ${pfx}/lib/wireshark && rm -r ${pfx}/lib/wireshark
test -d ${pfx}/lib64 &&
( cd ${pfx}/lib64
rm -f libwireshark.* libwiretap.*
test -d ./wireshark && rm -r ./wireshark )
( cd ${pfx}/man/man1 ; rm -f capinfos.1 dumpcap.1 editcap.1 \
idl2wrs.1 mergecap.1 tshark.1 text2pcap.1 wireshark.1 )
rm -f ${pfx}/man/man4/wireshark-filter.4
test -d ${pfx}/share/wireshark && rm -r ${pfx}/share/wireshark
done
ldconfig
exit
find ~/src -maxdepth 1 -type d -name "wireshark-*" -exec rm -r {} \;
rm -f ~/installed/wireshark-*.tar.*
List of HOWTOs
Web page itself last updated: 2023-12-20 8:06pm (EDT -0400)
HOWTO last updated: 2025-04-09 5:54pm
Copyright © 2001-2025 Jason Englander. All Rights reserved.
HOWTO last updated: 2025-04-09 5:54pm
Copyright © 2001-2025 Jason Englander. All Rights reserved.
![[HTML5]](HTML5_Logo_64-black.png){kind=logo}
