From e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 10 Apr 2024 22:34:10 +0200 Subject: Adding upstream version 4.2.2. Signed-off-by: Daniel Baumann --- INSTALL | 203 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 203 insertions(+) create mode 100644 INSTALL (limited to 'INSTALL') diff --git a/INSTALL b/INSTALL new file mode 100644 index 00000000..db058a3b --- /dev/null +++ b/INSTALL @@ -0,0 +1,203 @@ +See also https://gitlab.com/wireshark/wireshark/-/wikis/Development +and the Developer's Guide located at https://www.wireshark.org/docs/ +and in the docbook/ subdirectory. + +Installation +============ + +These are installation instructions for Unix and Unix-like systems. +These are not the installation instructions for Windows systems; see +README.windows for those instructions. + +0. This is software. Beware. + +1. If you wish to build Wireshark, make sure you have the Qt and GLib + development packages installed. Try running + 'pkg-config glib-2.0 --modversion' to see if you have GLib 2.x + installed. Then try running 'pkg-config Qt5Widgets --modversion' + to see if you have Qt installed. Wireshark requires Qt 5.9 or later, + but the most recent LTS release is strongly recommended. It needs + version 2.50.0 or above of GLib. If you need to install or + re-install GLIB, you can find the packages at: + + https://download.gnome.org/sources/glib/ + + You can find Qt at: + + https://www.qt.io/download + + If you installed Qt or GLib from binary packages, you may have to + install corresponding "development" packages; there may be separate + "user's" and "developer's" packages, with the former not including + header files and the like. For example, Red Hat users will need to + install a "glib2-devel" .rpm. + +2. If you wish to build TShark, the line-mode version of Wireshark, + make sure you have GLib installed. See note #1 above for instructions + on checking if you have GLib installed. + +3. If you want to capture packets, make sure you have libpcap + installed. The latest "official" version can be found at + + https://www.tcpdump.org . + + If you installed libpcap from a binary package, you may have to + install a "development" package; for example, there's + apparently a "libpcap0" Debian package, but it just includes a + shared library, a copyright notice, changelog files, and a + README.md file - you also need to install a "libpcap-dev" package + to get header files, a non-shared library, and the man page. + Similarly, Red Hat users will need to install a "libpcap-devel" + .rpm to go along with the "libpcap" .rpm. + +4. Building Wireshark requires Python, flex, and Asciidoctor. + +5. Create a build directory separate from the source directory. It can + be anywhere, but you might run into issues if the path contains + spaces. + +6. Run 'cmake ' in your build + directory. Running 'cmake -LH ' + displays a complete list of options. The "Tool Reference" section of + Developer's Guide contains general instructions for using CMake. Some + of the Wireshark-specific options are as follows: + + -G Ninja + CMake supports many different build systems, including UNIX + Make, MSBuild, and Ninja. UNIX Make is the default, but Ninja + tends to be faster. + + -DBUILD_wireshark=OFF + By default CMake tries to find the Qt libraries so Wireshark, + the GUI packet analyzer, can be built. You can disable the + build of the GUI version of Wireshark with this switch. + + -DBUILD_tshark=OFF + By default the line-mode packet analyzer, TShark, is built. + Use this switch to avoid building it. + + -DBUILD_editcap=OFF + By default the capture-file editing program is built. + Use this switch to avoid building it. + + -DBUILD_capinfos=OFF + By default the capture-file statistics reporting program + is built. Use this switch to avoid building it. + + -DBUILD_captype=OFF + By default the capture-type reporting program is built. Use this + switch to avoid building it. + + -DBUILD_mergecap=OFF + By default the capture-file merging program is built. + Use this switch to avoid building it. + + -DBUILD_reordercap=OFF + By default the capture-file reordering program is built. + Use this switch to avoid building it. + + -DBUILD_text2pcap=OFF + By default the hex-dump-to-capture file conversion program + is built. Use this switch to avoid building it. + + -DBUILD_dftest=OFF + By default the display-filter-compiler test program is built. + Use this switch to avoid building it. + + -DBUILD_randpkt=OFF + By default the program which creates random packet-capture files + is built. Use this switch to avoid building it. + + -DBUILD_dumpcap=OFF + By default the network traffic capture program is built. + Use this switch to avoid building it. + + -DBUILD_rawshark=OFF + By default the program used to dump and analyze raw libpcap data + is built. Use this switch to avoid building it. + + -DDUMPCAP_INSTALL_OPTION=suid + -DDUMPCAP_INSTALL_OPTION=capabilities + Wireshark and TShark rely on dumpcap for packet capture. Setting + this flag to "suid" installs dumpcap with setuid root + permissions, which lets any user on the system capture live + traffic. If this is not desired, you can restrict dumpcap's + permissions so that only a single user or group can run it and + set the "capabilities" flag. + + Running Wireshark or TShark as root is not recommended. + + -DENABLE_CAP=OFF + By default, if 'cmake' finds libcap (the POSIX capabilities + library) dumpcap will be built so that if it is installed setuid + root, it will attempt to retain CAP_NET_RAW and CAP_NET_ADMIN + before dropping root privileges. Use this option to disable this + behavior. + + -DENABLE_PCAP=OFF + If you choose to build a packet analyzer that can analyze + capture files but cannot capture packets on its own, but you + *do* have libpcap installed, or if you are trying to build + Wireshark on a system that doesn't have libpcap installed (in + which case you have no choice but to build a version that can + analyze capture files but cannot capture packets on its own), + use -DENABLE_PCAP=OFF to avoid using libpcap. + + -DENABLE_ZLIB=OFF + By default, if 'cmake' finds zlib (a.k.a, libz), the + wiretap library will be built so that it can read compressed + capture files. If you have zlib but do not wish to build + it into the wiretap library, used by Wireshark, TShark, and + the capture-file utilities that come in this package, use + this switch. + + -DENABLE_BROTLI=OFF + By default, if 'cmake' finds brotli, the wiretap library + will be built so that it can read brotli compressed capture + files. If you have brotli but do not wish to build it into + the wiretap library, used by Wireshark, TShark, and the + capture-file utilities that come in this package, use this switch. + + -DENABLE_PLUGINS=OFF + By default, if your system can support run-time loadable modules, + the packet analyzers are build with support for plugins. + Use this switch to build packet analyzers without plugin support. + +7. After running 'cmake', you will see a summary of some + of the options you chose. Ensure that the summary reflects + what you want. If it doesn't, re-run 'cmake' with new options. + +8. Run 'make', or 'ninja' if you chose to create Ninja build files. + Hopefully, you won't run into any problems. + +9. Run './run/wireshark' or './run/tshark' or ./run/dumpcap, and make sure things are + working. You must have root privileges in order to capture live data. + +10./a. Run 'make install'. If you're running a system that supports + the RPM packaging systems you can run + + make wireshark_rpm + + or + + ninja wireshark_rpm + + to make an installable package for your system. The installation path + defaults to /usr/local, so you'll probably want to pass + -DCMAKE_INSTALL_PREFIX=/usr to CMake. + +10/b. If you 're running a system that supports APT (Debian/Ubuntu/etc.) + run + + ln -sn packaging/debian + dpkg-buildpackage -us -uc -rfakeroot + + in the source directory right after extracting of checking out + Wireshark's source code. (You don't have to run CMake/make/Ninja/etc. + prior to running dpkg-buildpackage) + + +If you have trouble with the build or installation process, you can +find assistance on the wireshark-users and wireshark-dev mailing lists (see +https://www.wireshark.org/lists/ for details) or the Wireshark Q&A site: +https://ask.wireshark.org . -- cgit v1.2.3