| blob | e78eb3f78c885042d6f8743f4f2133cf4fe84315 |
1 $Id$
3 NOTE: this document applies to the Wireshark source releases and
4 buildbot source tarballs. It does not apply to source code checked
5 out directly from Subversion, as files such as the configuration
6 script are not checked into Subversion, but need to be generated
7 from the autoconf and automake files.
8 See http://wiki.wireshark.org/Development if you would like to build
9 the source code checked out directly from Subversion.
11 Installation
12 ============
14 These are installation instructions for Unix and Unix-like systems
15 that can run the "configure" script in this same directory. These
16 are not the installation instructions for Windows systems; see
17 README.windows for those instructions.
19 0. This is software. Beware.
21 1. If you wish to build Wireshark, make sure you have GTK+ and GLib
22 installed. Try running 'pkg-config glib-2.0 --modversion' to see if
23 you have GLib 2.x installed and, if that fails, try running
24 'glib-config --version' to see if you have GLib 1.2[.x] installed.
25 Then try running 'pkg-config gtk+-2.0 --modversion' to see if you
26 have GTK+ 2.x installed and, if that fails, try running
27 'gtk-config --version' to see if you have GTK+ 1.2[.x] installed.
28 Wireshark needs versions 1.2.0 or above of both these packages.
29 If you need to install or re-install GTK+ or GLIB, you can find
30 the packages at:
32 http://www.gtk.org
34 If you installed GTK+ from a binary package, you may have to
35 install a "development" package; there may be separate "user's"
36 and "developer's" packages, with the former not including
37 header files and the like. For example, Red Hat users will
38 need to install a "gtk-devel" .rpm.
40 Note also that Wireshark configuration defaults to using GTK+ and
41 GLib 2.x; you need to configure with --disable-gtk2 to use GTK+
42 1.2[.x].
44 Please also note that GTK+ 1.2[.x] is only supported up to
45 Wireshark 1.0.x. From Wireshark 1.1.x onwards only GTK+ 2.x
46 is supported.
48 2. If you wish to build TShark, the line-mode version of Wireshark,
49 make sure you have GLIB installed. See note #1 above for instructions
50 on checking if you have GLIB installed. You can download GLIB from
51 the same site as GTK.
53 3. If you want to capture packets, make sure you have libpcap
54 installed. The latest "official" version can be found at
56 http://www.tcpdump.org .
58 If you've downloaded the 0.5.2 version, make sure you install
59 the headers ('make install-incl') when you install the library.
60 The CVS snapshots will install the headers if you do 'make
61 install', and have no 'install-incl' target.
63 If you installed libpcap from a binary package, you may have to
64 install a "development" package; for example, there's
65 apparently a "libpcap0" Debian package, but it just includes a
66 shared library, a copyright notice, changelog files, and a
67 README file - you also need to install a "libpcap-dev" package
68 to get header files, a non-shared library, and the man page.
69 Similarly, Red Hat 5.x users will need to install a "libpcap-devel"
70 .rpm to go along with the "libpcap" .rpm.
72 4. Building Wireshark requires Perl (specifically the pod2man program)
73 so that the documentation can be built.
75 5. Run './configure' in the Wireshark distribution directory.
76 Running './configure --help' displays a complete list of options.
77 The file 'INSTALL.configure' contains general instructions for
78 using 'configure' and 'make'. Some of the Wireshark non-generic
79 configure options are as follows:
81 --sysconfdir=DIR
82 Wireshark installs a support file (manuf) in ${PREFIX}/etc by
83 default, where ${PREFIX} comes from --prefix=DIR. If you do not
84 specify any --prefix option, ${PREFIX} is "/usr/local".
85 You can change the location of the manuf file with the --sysconfdir
86 option.
88 --disable-usr-local
89 By default 'configure' will look in /usr/local/{include,lib} for
90 additional header files and libraries. Using this switch keeps
91 'configure' from looking there
93 --disable-wireshark
94 By default, if 'configure' finds the GTK+ libraries, the Makefile
95 builds Wireshark, the GUI packet analyzer. You can disable the
96 build of the GUI version of Wireshark with this switch.
98 --disable-gtk2
99 Build Glib/Gtk+ 1.2[.x]-based wireshark.
100 Note: not supported from Wireshark 1.1.x onwards
102 --disable-tshark
103 By default the line-mode packet analyzer, TShark, is built.
104 Use this switch to avoid building it.
106 --disable-editcap
107 By default the capture-file editing program is built.
108 Use this switch to avoid building it.
110 --disable-capinfos
111 By default the capture-file statistics reporting pogram
112 is built. Use this switch to avoid building it.
114 --disable-mergecap
115 By default the capture-file merging program is built.
116 Use this switch to avoid building it.
118 --disable-text2pcap
119 By default the hex-dump-to-capture file conversion program
120 is built. Use this switch to avoid building it.
122 --disable-dftest
123 By default the display-filter-compiler test program is built.
124 Use this switch to avoid building it.
126 --disable-randpkt
127 By default the program which creates random packet-capture files
128 is built. Use this switch to avoid building it.
130 --disable-dumpcap
131 By default the network traffic capture program is built.
132 Use this switch to avoid building it.
134 --disable-reordercap
135 By default the capture-file reordering program is built.
136 Use this switch to avoid building it.
138 --disable-rawshark
139 By default the program used to dump and analyze raw libpcap data
140 is built. Use this switch to avoid building it.
142 --disable-ipv6
143 If 'configure' finds support for IPv6 name resolution on
144 your system, the packet analyzers will make use of it.
145 To avoid using IPv6 name resolution if you have the support for it,
146 use this switch.
148 --enable-setuid-install
149 Wireshark and TShark rely on dumpcap for packet capture. Setting this
150 flag installs dumpcap with setuid root permissions, which lets any user
151 on the system capture live traffic. If this is not desired, you can
152 restrict dumpcap's permissions so that only a single user or group can
153 run it. This can be used in conjunction with --with-libcap described
154 below.
156 Running Wireshark or TShark as root is not recommended.
158 --without-libcap
159 By default, if 'configure' finds libcap (the POSIX capabilities
160 library) dumpcap will be built so that if it is installed setuid
161 root, it will attempt to retain CAP_NET_RAW and CAP_NET_ADMIN
162 before dropping root privileges. Use this option to disable this
163 behavior.
165 --with-libcap=DIR
166 Use this option to tell 'configure' where libcap is installed,
167 if it is installed in a non-standard location. Note that libcap
168 (the POSIX capabilities library, sans "p") and libpcap (the
169 packet capture library, avec "p") are two very different things.
171 --without-pcap
172 If you choose to build a packet analyzer that can analyze
173 capture files but cannot capture packets on its own, but you
174 *do* have libpcap installed, or if you are trying to build
175 Wireshark on a system that doesn't have libpcap installed (in
176 which case you have no choice but to build a version that can
177 analyze capture files but cannot capture packets on its own),
178 use --without-pcap to avoid using libpcap.
180 --with-pcap=DIR
181 Use this to tell Wireshark where you have libpcap installed, if
182 it is installed in a non-standard location.
184 --without-zlib
185 By default, if 'configure' finds zlib (a.k.a, libz), the
186 wiretap library will be built so that it can read compressed
187 capture files. If you have zlib but do not wish to build
188 it into the wiretap library, used by Wireshark, TShark, and
189 the capture-file utilities that come in this package, use
190 this switch.
192 --with-zlib=DIR
193 Use this to tell Wireshark where you have zlib installed, if it
194 is installed in a non-standard location.
196 --without-plugins
197 By default, if your system can support run-time loadable modules,
198 the packet analyzers are build with support for plugins.
199 Use this switch to build packet analyzers without plugin support.
201 --with-plugins=DIR
202 By default, plugins are installed in
203 ${LIBDIR}/wireshark/plugins/${VERSION}
205 ${LIBDIR} can be set with --libdir, or defaults to ${EPREFIX/lib}
206 ${EPREFIX} can be set with --exec-prefix, or defaults to ${PREFIX}
207 ${VERSION} is the Wireshark version.
209 Use this switch to change the location where plugins
210 are installed.
212 6. After running './configure', you will see a summary of some
213 of the options you chose. Ensure that the summary reflects
214 what you want. If it doesn't, re-run './configure' with new options.
216 7. Run 'make'. Hopefully, you won't run into any problems.
218 8. Run './wireshark' or './tshark' or ./dumpcap, and make sure things are
219 working. You must have root privileges in order to capture live data.
221 9. Run 'make install'. If you're running a system that supports
222 the Apt, RPM, OSX, or System V Release 4 packaging systems, you can
223 run one of
225 make debian-package # Builds a binary package using dpkg
226 make rpm-package # Builds a binary package using rpm
227 make srpm-package # Builds a source package using rpm
228 make svr4-package # Builds a binary package using pkgmk
229 make solaris-package # Same as "make svr4-package"
230 make osx-package # Builds a binary package for OSX
232 to make an installable package for your system.
234 If you have trouble with the build or installation process, you can
235 find assistance on the wireshark-users and wireshark-dev mailing lists.
236 See http://www.wireshark.org/lists/ for details.