Difference between revisions of "Wireshark"
From CBLFS
(Wireshark build instructions) |
|||
(4 intermediate revisions by one other user not shown) | |||
Line 2: | Line 2: | ||
|- | |- | ||
!Download Source: | !Download Source: | ||
− | | http://prdownloads.sourceforge.net/wireshark/wireshark-{Wireshark-Version}.tar.bz2 | + | | http://prdownloads.sourceforge.net/wireshark/wireshark-{{Wireshark-Version}}.tar.bz2 |
|} | |} | ||
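Review bot: The Download Source row on the changed line still uses a plain http:// URL, and the table in this hunk has no checksum row beside it, so a reader has nothing to verify the tarball against. Suggest adding a hash row under the download row while this line is being touched. The brace fix itself, {Wireshark-Version} to {{Wireshark-Version}}, is correct for a template call.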
Line 28: | Line 28: | ||
== Configuration Information == | == Configuration Information == | ||
+ | |||
+ | {{Note|For a more complete support of IPv6, [[libpcap]] needs to be compiled with the option ''--enable-ipv6''.}} | ||
{| | {| | ||
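Review bot: The added note is about how libpcap is built, but it is placed at the top of Configuration Information, directly above the table that opens with {|, where ''--enable-ipv6'' can be misread as one of Wireshark's own configure switches. Suggest moving it next to the libpcap entry under Dependencies, or wording it as "libpcap's configure option ''--enable-ipv6''".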
Line 96: | Line 98: | ||
make install | make install | ||
+ | |||
+ | == Configuring == | ||
+ | |||
+ | In order to start Wireshark from the application menu of your desktop environment, install the icons and the desktop file: | ||
+ | |||
+ | for n in 16 32 48 64; do | ||
+ | d=/usr/share/icons/hicolor/${n}x${n}/apps | ||
+ | mkdir -pv $d && | ||
+ | install -v -o0 -g0 -m644 image/wsicon${n}.png $d/wireshark.png | ||
+ | done | ||
+ | |||
+ | d=/usr/share/icons/hicolor/scalable/apps | ||
+ | mkdir -pv $d && | ||
+ | install -v -o0 -g0 -m644 image/wsicon.svg $d/wireshark.svg | ||
+ | |||
+ | install -v -o0 -g0 -m644 wireshark.desktop /usr/share/applications/ | ||
== Contents == | == Contents == | ||
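Review bot: In the added Configuring block the icon directories are created with "mkdir -pv $d", so their mode follows the umask of whoever runs the commands; under a restrictive root umask the 644 icons end up in directories that other users cannot traverse. Suggest "install -v -d -m755 "$d"" in place of mkdir and quoting "$d" in each command. The text should also state that the commands need root (they pass -o0 -g0) and must be run from the top of the source tree, since image/wsicon${n}.png and wireshark.desktop are relative paths. A blank line before "== Contents ==" would keep the new section separate from the next heading.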
Line 145: | Line 163: | ||
|interactively dump and analyze network traffic (Gtk application) | |interactively dump and analyze network traffic (Gtk application) | ||
|} | |} | ||
+ | |||
+ | [[Category:Network Applications]] |
Latest revision as of 16:26, 19 March 2009
Download Source: | http://prdownloads.sourceforge.net/wireshark/wireshark-0.99.7.tar.bz2 |
---|
Introduction to Wireshark
Wireshark (formerly named Ethereal) is a versatile network analyzer with an easy-to-use GUI. It recognizes hundreds of common network protocols and provides valuable information when investigating network problems.
Project Homepage: http://www.wireshark.org/
Dependencies
If libpcap is not available, Wireshark will not be able to capture any packets. However, you can still analyze packet dumps that were recorded on a different host.
Recommended
Optional
Configuration Information
For a more complete support of IPv6, libpcap needs to be compiled with the option --enable-ipv6.
--enable-static: build static libraries (shared libs are built by default) |
--disable-gtk2: use Gtk1 in favor of Gtk2 for GUI |
--with-lua: build Lua scripting plugin |
--with-ssl: use OpenSSL crypto library |
--enable-setuid-install: install tshark and dumpcap as setuid |
Non-Multilib
Compile the package:
./configure --prefix=/usr --enable-threads && make
Install the package:
make install
Multilib
32Bit
Compile the package:
CC="gcc ${BUILD32}" USE_ARCH=32 \
PKG_CONFIG_PATH="${PKG_CONFIG_PATH32}" \
./configure --prefix=/usr \
    --sysconfdir=/etc --enable-threads &&
make
Install the package:
make install
N32
Compile the package:
CC="gcc ${BUILDN32}" USE_ARCH=n32 \
PKG_CONFIG_PATH="${PKG_CONFIG_PATHN32}" \
./configure --prefix=/usr --libdir=/usr/lib32 \
    --sysconfdir=/etc --enable-threads &&
make
Install the package:
make install
64Bit
Compile the package:
CC="gcc ${BUILD64}" USE_ARCH=64 \
PKG_CONFIG_PATH="${PKG_CONFIG_PATH64}" \
./configure --prefix=/usr --libdir=/usr/lib64 \
    --sysconfdir=/etc --enable-threads &&
make
Install the package:
make install
Configuring
In order to start Wireshark from the application menu of your desktop environment, install the icons and the desktop file:
for n in 16 32 48 64; do
  d=/usr/share/icons/hicolor/${n}x${n}/apps
  mkdir -pv $d &&
  install -v -o0 -g0 -m644 image/wsicon${n}.png $d/wireshark.png
done

d=/usr/share/icons/hicolor/scalable/apps
mkdir -pv $d &&
install -v -o0 -g0 -m644 image/wsicon.svg $d/wireshark.svg

install -v -o0 -g0 -m644 wireshark.desktop /usr/share/applications/
Contents
Installed Directories: | /usr/lib{,32,64}/wireshark, /usr/share/wireshark |
---|---|
Installed Programs: | capinfos, dftest, dumpcap, editcap, idl2wrs, mergecap, randpkt, text2pcap, tshark, wireshark |
Installed Libraries: | libwireshark.so, libwiretap.so |
Short Descriptions
capinfos | reads one or more capture files and returns statistics of each file |
---|---|
dftest | ? |
dumpcap | capture packet data from a live network and write the packets to a file |
editcap | edit and/or translate the format of capture files |
idl2wrs | take a user specified CORBA IDL file and generate "C" source code for a Wireshark "plugin" |
mergecap | merges two or more capture files into one |
randpkt | create random packet-capture files |
text2pcap | generate a capture file from an ASCII hexdump of packets |
tshark | dump and analyze network traffic (console application) |
wireshark | interactively dump and analyze network traffic (Gtk application) |